DELICATE ARRANGEMENT FOR BINARY-DYNAMIC ACCESS CONTROL FOR WEB-BASED CLOUD COMPUTING SERVICES

A lately suggested access control model known as attribute-based access control is a good candidate to tackle the first problem. It-not only provides anonymous authentication but in addition further defines access control policies according to features in the requester, atmosphere, or possibly the information object. In particular, within the framework of our 2FA access system, in accordance with the attribute, an access control mechanism is implemented that is necessary for the trivial and secret user's security key device. Let's introduce a new fine-grained two factors of authentication (2FA) of the access control system to cloud computing of Web services. To ensure that the user cannot access the system, if not both, that can improve the security mechanism of the system, especially in missions where many users share the same computer for Web services in their cloud. Finally, our goal is to conduct a simulation to demonstrate the feasibility of the 2FA system. Our protocol supports fine-grained attribute-based access which supplies an excellent versatility for that system to create different access policies based on different scenarios. Simultaneously, the privacy from the user can also be preserved

A FINE GRAINED ACCESS CONTROL MODEL BASED ON DIVERSE ATTRIBUTES

As the web has become a place for sharing of information and resources across varied domains, there is a need for providing authorization services in addition to authentication services provided by public key infrastructure (PKI). In distributed systems the use of attribute certificates (AC) has been explored as a solution for implementation of authorization services and their use is gaining popularity. AC issued by attribute authority (AA) facilitates identification of a service requester and can be used to enforce access control for resources. AC of a service requester is used as part of credentials supplied during the service request for accessing any resource. As there exist potentially multiple issuing domains which issue credentials, therefore the target domain must allow access to resources by considering different credentials and must be able to decide about which set of attributes can be considered as valid attributes for making access control decisions. In this paper, we present an authorization based access control model that allows a fine grained access control to resources in an open domain by utilizing attributes issued by diverse attribute authorities

My private cloud--granting federated access to cloud resources

We describe the research undertaken in the six month JISC/EPSRC funded My Private Cloud project, in which we built a demonstration cloud file storage service that allows users to login to it, by using their existing credentials from a configured trusted identity provider. Once authenticated, users are shown a set of accounts that they are the owners of, based on their identity attributes. Once users open one of their accounts, they can upload and download files to it. Not only that, but they can then grant access to their file resources to anyone else in the federated system, regardless of whether their chosen delegate has used the cloud service before or not. The system uses standard identity management protocols, attribute based access controls, and a delegation service. A set of APIs have been defined for the authentication, authorisation and delegation processes, and the software has been released as open source to the community. A public demonstration of the system is available online

Integrating security solutions to support nanoCMOS electronics research

The UK Engineering and Physical Sciences Research Council (EPSRC) funded Meeting the Design Challenges of nanoCMOS Electronics (nanoCMOS) is developing a research infrastructure for collaborative electronics research across multiple institutions in the UK with especially strong industrial and commercial involvement. Unlike other domains, the electronics industry is driven by the necessity of protecting the intellectual property of the data, designs and software associated with next generation electronics devices and therefore requires fine-grained security. Similarly, the project also demands seamless access to large scale high performance compute resources for atomic scale device simulations and the capability to manage the hundreds of thousands of files and the metadata associated with these simulations. Within this context, the project has explored a wide range of authentication and authorization infrastructures facilitating compute resource access and providing fine-grained security over numerous distributed file stores and files. We conclude that no single security solution meets the needs of the project. This paper describes the experiences of applying X.509-based certificates and public key infrastructures, VOMS, PERMIS, Kerberos and the Internet2 Shibboleth technologies for nanoCMOS security. We outline how we are integrating these solutions to provide a complete end-end security framework meeting the demands of the nanoCMOS electronics domain

Towards a re-engineering method for web services architectures

Recent developments in Web technologies – in particular through the Web services framework – have greatly enhanced the flexible and interoperable implementation of service-oriented software architectures. Many older Web-based and other distributed software systems will be re-engineered to a Web services-oriented platform. Using an advanced e-learning system as our case study, we investigate central aspects of a re-engineering approach for the Web services platform. Since our aim is to provide components of the legacy system also as services in the new platform, re-engineering to suit the new development paradigm is as important as re-engineering to suit the new architectural requirements

A Survey of Access Control Models in Wireless Sensor Networks

Copyright 2014 by the authors; licensee MDPI, Basel, Switzerland. This article is an open access article distributed under the terms and conditions of the Creative Commons Attribution license (http://creativecommons.org/licenses/by/3.0/)Wireless sensor networks (WSNs) have attracted considerable interest in the research community, because of their wide range of applications. However, due to the distributed nature of WSNs and their deployment in remote areas, these networks are vulnerable to numerous security threats that can adversely affect their proper functioning. Resource constraints in sensor nodes mean that security mechanisms with a large overhead of computation and communication are impractical to use in WSNs; security in sensor networks is, therefore, a challenge. Access control is a critical security service that offers the appropriate access privileges to legitimate users and prevents illegitimate users from unauthorized access. However, access control has not received much attention in the context of WSNs. This paper provides an overview of security threats and attacks, outlines the security requirements and presents a state-of-the-art survey on access control models, including a comparison and evaluation based on their characteristics in WSNs. Potential challenging issues for access control schemes in WSNs are also discussed.Peer reviewe