Data-Centric Access Control for Cloud Computing
| Title | Data-Centric Access Control for Cloud Computing |
| Publication Type | Conference Paper |
| Year of Publication | 2016 |
| Authors | Pasquier, Thomas, Bacon, Jean, Singh, Jatinder, Eyers, David |
| Conference Name | Proceedings of the 21st ACM on Symposium on Access Control Models and Technologies |
| Publisher | ACM |
| Conference Location | New York, NY, USA |
| ISBN Number | 978-1-4503-3802-8 |
| Keywords | Big Data, big data privacy, big data security, big data security in the cloud, cloud computing, composability, data protection, Human Behavior, Information Centric Networks, Information Flow Control, pubcrawl, Resiliency, Scalability |
| Abstract | The usual approach to security for cloud-hosted applications is strong separation. However, it is often the case that the same data is used by different applications, particularly given the increase in data-driven (`big data' and IoT) applications. We argue that access control for the cloud should no longer be application-specific but should be data-centric, associated with the data that can flow between applications. Indeed, the data may originate outside cloud services from diverse sources such as medical monitoring, environmental sensing etc. Information Flow Control (IFC) potentially offers data-centric, system-wide data access control. It has been shown that IFC can be provided at operating system level as part of a PaaS offering, with an acceptable overhead. In this paper we consider how IFC can be integrated with application-specific access control, transparently from application developers, while building from simple IFC primitives, access control policies that align with the data management obligations of cloud providers and tenants. |
| URL | http://doi.acm.org/10.1145/2914642.2914662 |
| DOI | 10.1145/2914642.2914662 |
| Citation Key | pasquier_data-centric_2016 |