La Trobe
- No file added yet -

Accessing Data from Multiple Sources Through Context-Aware Access Control

Download (2.64 MB)
conference contribution
posted on 2020-11-10, 03:17 authored by A S M KayesA S M Kayes, Wenny RahayuWenny Rahayu, Tharam DillonTharam Dillon, E Chang
© 2018 IEEE. Personal use of this material is permitted. Permission from IEEE must be obtained for all other uses, in any current or future media, including reprinting/republishing this material for advertising or promotional purposes, creating new collective works, for resale or redistribution to servers or lists, or reuse of any copyrighted component of this work in other works.

ABSTRACT
With the proliferation of cloud-based data and services, accessing data from distributed cloud environments and consequently providing integrated results to the users has become a key challenge, often involving large processing overheads and administrative costs. The traditional, spatial, temporal and other context-sensitive access control models have been applied in different environments in order to access such data and information. Recently, fog-based access control models have also been introduced to overcome the latency and processing issues by moving the execution of application logic from the cloud-level to an intermediary-level through adding computational nodes at the edges of the networks. These existing access control models mostly have been used to access data from centralized sources. However, we have been encountering rapid changes in computing technologies over the last few years, and many organizations need to dynamically control context-sensitive access to cloud data resources from distributed environments. In this article, we propose a new generation of fog-based access control approach, combining the benefits of fog computing and context-sensitive access control solutions. We first formally introduce a general data model and its associated policy and mapping models, in order to access data from distributed cloud sources and to provide integrated results to the users. In particular, we present a unified set of fog-based access control policies with the aim of reducing administrative burdens and processing overheads. We then introduce a unified data ontology together with its reasoning capability by realizing our formal approach. We demonstrate the applicability of our proposal through a prototype testing and several case studies. Experiment results demonstrate the good performance of our approach with respect to our earlier context-sensitive access control approach.

Funding

We acknowledge the contributions of our internship students, Yuho Lee and Minsung Han from Gachon University. They are partially supported by the South Korea Ministry of ICT and Future Planning grant to Gachon University National Program of Excellence in Software.

South Korea Ministry of ICT and Future Planning

History

Publication Date

2018-09-06

Proceedings

Proceedings - 17th IEEE International Conference on Trust, Security and Privacy in Computing and Communications and the 12th IEEE International Conference on Big Data Science and Engineering, Trustcom/BigDataSE 2018

Publisher

Institute of Electrical and Electronics Engineers

Place of publication

Piscataway, NJ

Series

IEEE Trustcom BigDataSE ISPA

Pagination

9p. (p. 551-559)

ISBN-13

9781538643877

ISSN

2324-9013

Name of conference

2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering

Location

New York

Starting Date

2018-07-31

Finshing Date

2018-08-03

Rights Statement

The Author reserves all moral rights over the deposited text and must be credited if any re-use occurs. Documents deposited in OPAL are the Open Access versions of outputs published elsewhere. Changes resulting from the publishing process may therefore not be reflected in this document. The final published version may be obtained via the publisher’s DOI. Please note that additional copyright and access restrictions may apply to the published version.