Enhancing highly-collaborative access control system using a new role-mapping algorithm

The collaboration among different organizations is considered one of the main benefits of moving applications and services to a cloud computing environment. Unfortunately, this collaboration raises many challenges such as the access of sensitive resources by unauthorized people. Usually, role based...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:International journal of electrical and computer engineering (Malacca, Malacca) Malacca), 2022-06, Vol.12 (3), p.2765
Hauptverfasser: Abdelfattah, Doaa, Hassan, Hesham A., Omara, Fatma A.
Format: Artikel
Sprache:eng
Schlagworte:
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:The collaboration among different organizations is considered one of the main benefits of moving applications and services to a cloud computing environment. Unfortunately, this collaboration raises many challenges such as the access of sensitive resources by unauthorized people. Usually, role based access-control (RBAC) Model is deployed in large organizations. The work in this paper is mainly considering the authorization scalability problem, which comes out due to the increase of shared resources and/or the number of collaborating organizations in the same cloud environment. Therefore, this paper proposes replacing the cross-domain RBAC rules with role-to-role (RTR) mapping rules among all organizations. The RTR mapping rules are generated using a newly proposed role-mapping algorithm. A comparative study has been performed to evaluate the performance of the proposed algorithm with concerning the rule-store size and the authorization response time. According to the results, it is found that the proposed algorithm achieves more saving in the number of stored role-mapping rules which minimizes the rule-store size and reduces the authorization response time. Additionally, the RTR model using the proposed algorithm has been implemented by applying a concurrent approach to achieve more saving in the authorization response time. Therefore, it would be suitable in highly-collaborative cloud environments
ISSN:2088-8708
2722-2578
2088-8708
DOI:10.11591/ijece.v12i3.pp2765-2782