City on the sky: extending XACML for flexible, secure data sharing on the Cloud

Sharing data from various sources and of diverse kinds, and fusing them together for sophisticated analytics and mash-up applications are emerging trends, and are prerequisites for realizing grand visions such as that of cyber-physical systems enabled smart cities. Cloud infrastructure can enable su...

Full description

Saved in:
Bibliographic Details
Main Authors: Dinh, Tien Tuan Anh, Wenqiang, Wang, Datta, Anwitaman
Other Authors: School of Computer Engineering
Format: Article
Language:English
Published: 2013
Online Access:https://hdl.handle.net/10356/99414
http://hdl.handle.net/10220/12957
Tags: Add Tag
No Tags, Be the first to tag this record!
Institution: Nanyang Technological University
Language: English
id sg-ntu-dr.10356-99414
record_format dspace
spelling sg-ntu-dr.10356-994142020-05-28T07:17:21Z City on the sky: extending XACML for flexible, secure data sharing on the Cloud Dinh, Tien Tuan Anh Wenqiang, Wang Datta, Anwitaman School of Computer Engineering Sharing data from various sources and of diverse kinds, and fusing them together for sophisticated analytics and mash-up applications are emerging trends, and are prerequisites for realizing grand visions such as that of cyber-physical systems enabled smart cities. Cloud infrastructure can enable such data sharing both because it can scale easily to an arbitrary volume of data and computation needs on demand, as well as because of natural collocation of diverse such data sets within the infrastructure. However, in order to convince data owners that their data are well protected while being shared among cloud users, the cloud platform needs to provide flexible mechanisms for the users to express the constraints (access rules) subject to which the data should be shared, and likewise, enforce them effectively. We study a comprehensive set of practical scenarios where data sharing needs to be enforced by methods such as aggregation, windowed frame, value constrains, etc., and observe that existing basic access control mechanisms do not provide adequate flexibility to support effective data sharing in a secure and controlled manner. In this paper, we thus propose a framework for cloud that extends popular XACML model significantly by integrating flexible access control decisions and data access in a seamless fashion. We have prototyped the framework and deployed it on commercial cloud environment for experimental runs to test the efficacy of our approach and evaluate the performance of the implemented prototype. 2013-08-02T08:09:28Z 2019-12-06T20:06:56Z 2013-08-02T08:09:28Z 2019-12-06T20:06:56Z 2012 2012 Journal Article Dinh, T. T. A., Wenqiang, W.,& Datta, A. (2012). City on the Sky: Extending XACML for Flexible, Secure Data Sharing on the Cloud. Journal of Grid Computing, 10(1), 151-172. https://hdl.handle.net/10356/99414 http://hdl.handle.net/10220/12957 10.1007/s10723-012-9212-9 en Journal of grid computing
institution Nanyang Technological University
building NTU Library
country Singapore
collection DR-NTU
language English
description Sharing data from various sources and of diverse kinds, and fusing them together for sophisticated analytics and mash-up applications are emerging trends, and are prerequisites for realizing grand visions such as that of cyber-physical systems enabled smart cities. Cloud infrastructure can enable such data sharing both because it can scale easily to an arbitrary volume of data and computation needs on demand, as well as because of natural collocation of diverse such data sets within the infrastructure. However, in order to convince data owners that their data are well protected while being shared among cloud users, the cloud platform needs to provide flexible mechanisms for the users to express the constraints (access rules) subject to which the data should be shared, and likewise, enforce them effectively. We study a comprehensive set of practical scenarios where data sharing needs to be enforced by methods such as aggregation, windowed frame, value constrains, etc., and observe that existing basic access control mechanisms do not provide adequate flexibility to support effective data sharing in a secure and controlled manner. In this paper, we thus propose a framework for cloud that extends popular XACML model significantly by integrating flexible access control decisions and data access in a seamless fashion. We have prototyped the framework and deployed it on commercial cloud environment for experimental runs to test the efficacy of our approach and evaluate the performance of the implemented prototype.
author2 School of Computer Engineering
author_facet School of Computer Engineering
Dinh, Tien Tuan Anh
Wenqiang, Wang
Datta, Anwitaman
format Article
author Dinh, Tien Tuan Anh
Wenqiang, Wang
Datta, Anwitaman
spellingShingle Dinh, Tien Tuan Anh
Wenqiang, Wang
Datta, Anwitaman
City on the sky: extending XACML for flexible, secure data sharing on the Cloud
author_sort Dinh, Tien Tuan Anh
title City on the sky: extending XACML for flexible, secure data sharing on the Cloud
title_short City on the sky: extending XACML for flexible, secure data sharing on the Cloud
title_full City on the sky: extending XACML for flexible, secure data sharing on the Cloud
title_fullStr City on the sky: extending XACML for flexible, secure data sharing on the Cloud
title_full_unstemmed City on the sky: extending XACML for flexible, secure data sharing on the Cloud
title_sort city on the sky: extending xacml for flexible, secure data sharing on the cloud
publishDate 2013
url https://hdl.handle.net/10356/99414
http://hdl.handle.net/10220/12957
_version_ 1681056160655867904