Enforcing Subscription-Based Authorization Policies in Cloud Scenarios

نویسندگان

  • Sabrina De Capitani di Vimercati
  • Sara Foresti
  • Sushil Jajodia
  • Giovanni Livraga
چکیده

The rapid advances in the Information and Communication Technologies have brought to the development of on-demand high quality applications and services allowing users to easily access resources anywhere anytime. Users can pay for a service and access the resources made available during their subscriptions until the subscribed periods expire. Users are then forced to download such resources if they want to access them also after the subscribed periods. To avoid this burden to the users, we propose the adoption of a subscription-based access control policy that combines a flexible key derivation structure with selective encryption. The publication of new resources as well as the management of subscriptions are accommodated by adapting the key derivation structure in a transparent way for the users.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

A Policy Language for Integrating Heterogeneous Authorization Policies

In order to manage and enforce multiple heterogeneous authorization policies in distributed authorization environment, we defined the root policy specification language and its corresponding enforcing mechanism. In a root policy, the involved users and resources can be defined in coarse or finegrained. Each involved authorization policy’s storage, trust management and enforcement can be defined...

متن کامل

Can Access Control be Extended to Deal with Data Handling in Privacy Scenarios?

In this position paper, we claim that access control policy languages can be extended to address data handling. Indeed, matching users’ privacy preferences and services’ privacy policies as well as enforcing what services can do with collected data rely on authorization queries and obligations, which exist in some access control languages. We present results from extending SecPAL to address dat...

متن کامل

A privacy preserving authorisation system for the cloud

In this paper we describe a policy based authorisation infrastructure that a cloud provider can run as an infrastructure service for its users. It will ヮヴラデWIデ デエW ヮヴキ┗;I┞ ラa ┌ゲWヴゲげ S;デ; H┞ allowing the users to set their own privacy policies, and then enforcing them so that no unauthorised access is allowed to their data. The infrastructure ensures that the ┌ゲWヴゲげ privacy policies are stuck to...

متن کامل

Constrained Role-based Delegation

Delegation is a proIIlIsmg alternative to traditional role administration paradigms in role-based systems. It empowers users to exercise discretion in how they use resources as it is in discretionary access control (DAC). Unlike the anarchy of DAC, in role-based access control (RBAC) higher-level organizational policies can be specified on roles to regulate user's action. Delegations and revoca...

متن کامل

Towards Privacy-Enhanced Authorization Policies and Languages

The protection of privacy in today’s global infrastructure requires the combined application solution from technology (technical measures), legislation (law and public policy), and organizational and individual policies and practices. Emerging scenarios of user-service interactions in the digital world are also pushing toward the development of powerful and flexible privacy-enhanced models and ...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2012