City on the sky: extending XACML for flexible, secure data sharing on the Cloud
Sharing data from various sources and of diverse kinds, and fusing them together for sophisticated analytics and mash-up applications are emerging trends, and are prerequisites for realizing grand visions such as that of cyber-physical systems enabled smart cities. Cloud infrastructure can enable su...
Saved in:
Main Authors: | , , |
---|---|
Other Authors: | |
Format: | Article |
Language: | English |
Published: |
2013
|
Online Access: | https://hdl.handle.net/10356/99414 http://hdl.handle.net/10220/12957 |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
Institution: | Nanyang Technological University |
Language: | English |
id |
sg-ntu-dr.10356-99414 |
---|---|
record_format |
dspace |
spelling |
sg-ntu-dr.10356-994142020-05-28T07:17:21Z City on the sky: extending XACML for flexible, secure data sharing on the Cloud Dinh, Tien Tuan Anh Wenqiang, Wang Datta, Anwitaman School of Computer Engineering Sharing data from various sources and of diverse kinds, and fusing them together for sophisticated analytics and mash-up applications are emerging trends, and are prerequisites for realizing grand visions such as that of cyber-physical systems enabled smart cities. Cloud infrastructure can enable such data sharing both because it can scale easily to an arbitrary volume of data and computation needs on demand, as well as because of natural collocation of diverse such data sets within the infrastructure. However, in order to convince data owners that their data are well protected while being shared among cloud users, the cloud platform needs to provide flexible mechanisms for the users to express the constraints (access rules) subject to which the data should be shared, and likewise, enforce them effectively. We study a comprehensive set of practical scenarios where data sharing needs to be enforced by methods such as aggregation, windowed frame, value constrains, etc., and observe that existing basic access control mechanisms do not provide adequate flexibility to support effective data sharing in a secure and controlled manner. In this paper, we thus propose a framework for cloud that extends popular XACML model significantly by integrating flexible access control decisions and data access in a seamless fashion. We have prototyped the framework and deployed it on commercial cloud environment for experimental runs to test the efficacy of our approach and evaluate the performance of the implemented prototype. 2013-08-02T08:09:28Z 2019-12-06T20:06:56Z 2013-08-02T08:09:28Z 2019-12-06T20:06:56Z 2012 2012 Journal Article Dinh, T. T. A., Wenqiang, W.,& Datta, A. (2012). City on the Sky: Extending XACML for Flexible, Secure Data Sharing on the Cloud. Journal of Grid Computing, 10(1), 151-172. https://hdl.handle.net/10356/99414 http://hdl.handle.net/10220/12957 10.1007/s10723-012-9212-9 en Journal of grid computing |
institution |
Nanyang Technological University |
building |
NTU Library |
country |
Singapore |
collection |
DR-NTU |
language |
English |
description |
Sharing data from various sources and of diverse kinds, and fusing them together for sophisticated analytics and mash-up applications are emerging trends, and are prerequisites for realizing grand visions such as that of cyber-physical systems enabled smart cities. Cloud infrastructure can enable such data sharing both because it can scale easily to an arbitrary volume of data and computation needs on demand, as well as because of natural collocation of diverse such data sets within the infrastructure. However, in order to convince data owners that their data are well protected while being shared among cloud users, the cloud platform needs to provide flexible mechanisms for the users to express the constraints (access rules) subject to which the data should be shared, and likewise, enforce them effectively. We study a comprehensive set of practical scenarios where data sharing needs to be enforced by methods such as aggregation, windowed frame, value constrains, etc., and observe that existing basic access control mechanisms do not provide adequate flexibility to support effective data sharing in a secure and controlled manner. In this paper, we thus propose a framework for cloud that extends popular XACML model significantly by integrating flexible access control decisions and data access in a seamless fashion. We have prototyped the framework and deployed it on commercial cloud environment for experimental runs to test the efficacy of our approach and evaluate the performance of the implemented prototype. |
author2 |
School of Computer Engineering |
author_facet |
School of Computer Engineering Dinh, Tien Tuan Anh Wenqiang, Wang Datta, Anwitaman |
format |
Article |
author |
Dinh, Tien Tuan Anh Wenqiang, Wang Datta, Anwitaman |
spellingShingle |
Dinh, Tien Tuan Anh Wenqiang, Wang Datta, Anwitaman City on the sky: extending XACML for flexible, secure data sharing on the Cloud |
author_sort |
Dinh, Tien Tuan Anh |
title |
City on the sky: extending XACML for flexible, secure data sharing on the Cloud |
title_short |
City on the sky: extending XACML for flexible, secure data sharing on the Cloud |
title_full |
City on the sky: extending XACML for flexible, secure data sharing on the Cloud |
title_fullStr |
City on the sky: extending XACML for flexible, secure data sharing on the Cloud |
title_full_unstemmed |
City on the sky: extending XACML for flexible, secure data sharing on the Cloud |
title_sort |
city on the sky: extending xacml for flexible, secure data sharing on the cloud |
publishDate |
2013 |
url |
https://hdl.handle.net/10356/99414 http://hdl.handle.net/10220/12957 |
_version_ |
1681056160655867904 |