Enforcing Subscription-Based Authorization Policies in Cloud Scenarios
نویسندگان
چکیده
The rapid advances in the Information and Communication Technologies have brought to the development of on-demand high quality applications and services allowing users to easily access resources anywhere anytime. Users can pay for a service and access the resources made available during their subscriptions until the subscribed periods expire. Users are then forced to download such resources if they want to access them also after the subscribed periods. To avoid this burden to the users, we propose the adoption of a subscription-based access control policy that combines a flexible key derivation structure with selective encryption. The publication of new resources as well as the management of subscriptions are accommodated by adapting the key derivation structure in a transparent way for the users.
منابع مشابه
A Policy Language for Integrating Heterogeneous Authorization Policies
In order to manage and enforce multiple heterogeneous authorization policies in distributed authorization environment, we defined the root policy specification language and its corresponding enforcing mechanism. In a root policy, the involved users and resources can be defined in coarse or finegrained. Each involved authorization policy’s storage, trust management and enforcement can be defined...
متن کاملCan Access Control be Extended to Deal with Data Handling in Privacy Scenarios?
In this position paper, we claim that access control policy languages can be extended to address data handling. Indeed, matching users’ privacy preferences and services’ privacy policies as well as enforcing what services can do with collected data rely on authorization queries and obligations, which exist in some access control languages. We present results from extending SecPAL to address dat...
متن کاملA privacy preserving authorisation system for the cloud
In this paper we describe a policy based authorisation infrastructure that a cloud provider can run as an infrastructure service for its users. It will ヮヴラデWIデ デエW ヮヴキ┗;I┞ ラa ┌ゲWヴゲげ S;デ; H┞ allowing the users to set their own privacy policies, and then enforcing them so that no unauthorised access is allowed to their data. The infrastructure ensures that the ┌ゲWヴゲげ privacy policies are stuck to...
متن کاملConstrained Role-based Delegation
Delegation is a proIIlIsmg alternative to traditional role administration paradigms in role-based systems. It empowers users to exercise discretion in how they use resources as it is in discretionary access control (DAC). Unlike the anarchy of DAC, in role-based access control (RBAC) higher-level organizational policies can be specified on roles to regulate user's action. Delegations and revoca...
متن کاملTowards Privacy-Enhanced Authorization Policies and Languages
The protection of privacy in today’s global infrastructure requires the combined application solution from technology (technical measures), legislation (law and public policy), and organizational and individual policies and practices. Emerging scenarios of user-service interactions in the digital world are also pushing toward the development of powerful and flexible privacy-enhanced models and ...
متن کامل