product iamge

Access Control Management in Cloud Environments

This document was uploaded by one of our users. The uploader already confirmed that they had the permission to publish it. If you are author/publisher or own the copyright of this documents, please report to us by using this DMCA report form.

Download
Search on Amazon

Simply click on the Download Book button.

Yes, Book downloads on Ebookily are 100% Free.

Sometimes the book is free on Amazon As well, so go ahead and hit "Search on Amazon"

This textbook introduces new business concepts on cloud environments such as secure, scalable anonymity and practical payment protocols for the Internet of things and Blockchain technology. The protocol uses electronic cash for payment transactions. In this new protocol, from the viewpoint of banks, consumers can improve anonymity if they are worried about disclosure of their identities in the cloud. Currently, there is not a book available that has reported the techniques covering the protocols with anonymizations and Blockchain technology. Thus this will be a useful book for universities to purchase. This textbook provides new direction for access control management and online business, with new challenges within Blockchain technology that may arise in cloud environments. One is related to the authorization granting process. For example, when a role is granted to a user, this role may conflict with other roles of the user or together with this role; the user may have or derive a high level of authority. Another is related to authorization revocation. For instance, when a role is revoked from a user, the user may still have the role. Experts will get benefits from these challenges through the developed methodology for authorization granting algorithm, and weak revocation and strong revocation algorithms.

Author(s): Hua Wang, Junli Cao, Yanchun Zhang
Publisher: Springer
Year: 2020

Language: English
Pages: 317
City: Cham

Preface
Acknowledgements
Contents
Part I Description
1 Introduction
1.1 Overview and Motivation
1.1.1 Cloud Computing
1.1.2 Internet of Things
IoT Data Taxonomy
Data Generation
Data Quality
Data Interoperability
1.1.3 Access Control Management
Mobile Service System
Electronic Payment
Role Based Access Control
1.2 Objectives of the Book
1.3 Organization of the Book
1.4 Problems and Exercises
1.4.1 Problems
1.4.2 Exercises
References
2 Electronic Commerce Items and Related Technology
2.1 Introduction
2.2 Items in Electronic Commerce
2.2.1 Trust and Privacy
2.2.2 Electronic Payment Systems
2.2.3 Mass-Market Adoption
2.2.4 Management and Implementation
2.2.5 Security
Network Connection Level
Management Level
Transactions Level
2.3 A Framework for Electronic Commerce
2.3.1 Criteria for Choosing a Framework
2.3.2 Framework and Dimensions
2.3.3 Dimension One: Software Technology in E-Commerce
2.3.4 Dimension 2: Hardware Support in E-Commerce
2.3.5 Dimension 3: E-Commerce Application
2.4 Conclusions
2.5 Problems and Exercises
2.5.1 Problems
2.5.2 Exercises
References
3 Untraceable Electronic Cash System in the Internet of Things
3.1 Introduction
3.1.1 Electronic Cash and Its Properties
3.1.2 Off-line Electronic Cash Overview
3.1.3 Outline of the Chapter
3.2 Some Basic Definitions
3.2.1 Hash Functions and Random Oracle Model
3.2.2 Cut-and-Choose Technique
3.2.3 RSA and DLA
3.2.4 Blind Signature
3.3 Basic Model
3.4 New Off-line Untraceable Electronic Cash Scheme
3.4.1 System Initialization
3.4.2 New Untraceable Electronic Cash Scheme
3.5 Security Analysis
3.6 A Simple Example
3.7 Comparisons
3.8 Conclusion
3.9 Problems and Exercises
3.9.1 Problems
3.9.2 Exercises
References
Part II M-Services and Scalable Payment
4 Achieving Secure and Flexible M-Services Through Tickets
4.1 Introduction
4.2 Security Primitives in the Proposed Architecture
4.2.1 Basic Definitions
4.2.2 Ticket Types
4.3 Single Signature Scheme for Tickets t1 and t2
4.3.1 System Initialization
4.3.2 The Single Signature Scheme
4.4 Multi-Signature Scheme for Ticket t3
4.4.1 Scheme Initialization
4.4.2 The Multi-Signature Scheme
4.5 System Security
4.5.1 Threat Analysis
4.5.2 Analysis of Ticket Usage
4.6 Comparisons
4.7 Conclusions
4.8 Problems and Exercises
4.8.1 Problems
4.8.2 Exercises
References
5 A Self-Scalable Anonymity Payment Approach in Cloud Environment
5.1 Introduction
5.2 Some Basic Definitions
5.2.1 Hash Functions
5.2.2 DLA and ElGamal Encryption System
5.2.3 Undeniable Signature Scheme and Schnorr Signature Scheme
5.2.4 Role Based Access Control
5.3 Basic Model and New Payment Model
5.3.1 Basic Payment Model
5.3.2 Anonymity Provider Agent
5.3.3 Proof of Ownership of a Coin
5.4 Self-Scalable Anonymity Payment Scheme
5.4.1 System Initialization
5.4.2 New Off-line Payment Scheme
5.4.3 Security Analysis
5.5 User-Role Assignment
5.5.1 Duty Separation Constraints
5.5.2 Grant Model
5.5.3 Revoke Model
5.6 Implementations
5.7 Conclusions
Appendix: An Example of the New Scheme
5.8 Problems and Exercises
5.8.1 Problems
5.8.2 Exercises
References
6 Using RBAC to Secure Payment Process in Cloud
6.1 Introduction
6.2 Administrative Issues in RBAC
6.2.1 User-Role Assignments
6.2.2 Permission-Role Assignments
6.2.3 Role-Role Assignment
6.2.4 Duty Separation Constraints
Static Separation of Duty
Dynamic Separation of Duty
6.3 User-Role Assignments for a Flexible Payment Scheme
6.4 Permission-Role Assignments with the Payment Scheme
6.5 Related Work
6.6 Conclusions
6.7 Problems and Exercises
6.7.1 Problems
6.7.2 Exercises
References
Part III RBAC with OCL and Negative Authorization
7 Role-Based Access Control Constraints and Object Constraint Language
7.1 Introduction
7.2 Motivation and Related Technologies
7.2.1 Role-Based Access Control
7.2.2 Unified Modelling Language and Object Constraints Language
7.3 Constraints in RBAC
7.3.1 Separation Constraints
7.3.2 Prerequisite Constraints
7.3.3 Cardinality Constraints
7.3.4 Mobility Constraints
7.4 Constraints Expression with OCL
7.4.1 Separation of Duty Constraints
7.4.2 Mobility Constraints
7.4.3 Prerequisite Constraints
7.4.4 Cardinality Constraints
7.5 Comparisons
7.6 Conclusions
7.7 Problems and Exercises
7.7.1 Problems
7.7.2 Exercises
References
8 Role-Based Delegation with Negative Authorization
8.1 Introduction
8.2 Related Work
8.3 Delegation Framework
8.3.1 Basic Elements and Components
8.3.2 Role-Based Delegation
8.4 Delegation Authorization
8.4.1 Authorization Models
8.4.2 An Approach for the Conflicting Problem
8.5 Comparisons
8.6 Conclusions
8.7 Problems and Exercises
8.7.1 Problems
8.7.2 Exercises
References
Part IV Ubiquitous Computing and Social Networks
9 Access Control Management for Ubiquitous Computing
9.1 Introduction
9.2 Related Technologies
9.2.1 Usage Control
9.2.2 Ubiquitous Computing Model
9.3 Authorization Models
9.4 Security Architecture
9.4.1 Structure of Reference Monitor
9.4.2 Architectures
SRM-Only Architecture
CRM-Only Architecture
SRM and CRM Architecture
9.5 Comparisons
9.6 Conclusions
9.7 Problems and Exercises
9.7.1 Problems
9.7.2 Exercises
References
10 Trust-Based Access Control Management in Collaborative Open Social Networks
10.1 Introduction
10.2 Motivations
10.3 A Trust Based Access Framework
10.4 Access Control Policies
10.4.1 Policy Operations
10.4.2 Access Control Architecture
10.5 Access Control Authorizations
10.6 Comparisons
10.7 Conclusions
10.8 Problems and Exercises
10.8.1 Problems
10.8.2 Exercises
References
Part V Access Control Policy and Blockchain Technology
11 Building Access Control Policy Model for Privacy Preserving and Testing Policy Conflicting Problems
11.1 Introduction
11.2 Motivations
11.3 Purpose Involved Access Control Framework
11.4 Access Control Policies
11.4.1 Authorization Models
11.4.2 Policy Operations
11.5 Conflicting Algorithms
11.6 Experimental Results
11.7 Comparisons
11.8 Conclusions
11.9 Problems and Exercises
11.9.1 Problems
11.9.2 Exercises
References
12 Effective Collaboration with Information Sharing in Virtual Universities
12.1 Introduction
12.2 Motivations
12.3 The Role-Based Delegation and Revocation Framework
12.3.1 Role-Based Access Control
12.3.2 Role-Based Delegation Model
12.3.3 Role-Based Group Delegation
12.4 Role-Based Delegation Revocations
12.4.1 Revocation Dimensions
12.4.2 Revoking Delegations
12.5 Delegation Authorization
12.5.1 Authorization Models
12.5.2 Authorization Rules
12.6 XML Implementation
12.7 Comparisons
12.8 Conclusions
12.9 Problems and Exercises
12.9.1 Problems
12.9.2 Exercises
References
13 Distributed Access Control Through Blockchain Technology
13.1 Introduction
13.2 Access Control Methods and Blockchain Technology
13.2.1 Access Control Methods
13.2.2 Enhancements on Ticket-Based Access Control Scheme for Mobile User
13.2.3 Enhancements on Anonymity Payment Scheme
13.2.4 Enhancements on Formal Authorization Approaches for Role Based Access Control
13.2.5 Blockchain Technology
13.3 Blockchain Based Access Control
13.4 Blockchain-Based Access Control for the Internet of Things
13.5 Future Work
13.5.1 Improvement of the Payment Scheme
13.5.2 Extension of Formal Authorization Approaches for Role Based Access Control
13.5.3 Electronic Commerce with RBAC
13.5.4 Implementation Issues
References
Index