Skip to main content

Research Repository

See what's under the surface

Advanced Search

Towards a legislation driven framework for access control and privacy protection in public cloud

Rahmouni Boussi, Hanene

Authors



Abstract

Cloud computing is an emerging IT paradigm proving cost reduction and flexibility benefits. However security and privacy are serious issues challenging its adoption and sustainability in both social and commercial areas. Public clouds, in particular, present a controversial which is brought up by the need to exchange critical and protected data (even sensitive) between heterogeneous domains that are governed by multiple legislation. Access control is one of the essential and traditional security arms of data protection. However, in the context of open and dynamic environments such as clouds, access control becomes more complicated. This is because the security policies, models and related mechanisms have to be defined across various security domains and enforced in an integrated manner as required. Thus, improving the current access control paradigms is crucial in order to ensure privacy compliance in open and heterogeneous environments. In this paper, we propose a framework that is driven by legislation and which aims to assure an access control that preserves privacy while dealing with personal data hosted in public clouds. In addition, the proposed framework deals with the problem of interoperability between heterogeneous policies governing the processing of personal data on a cloud environment. In this regards, the need for access control delegation is also presented and tackled.

Journal Article Type Article
Publication Date Feb 12, 2014
Journal Proceedings of the 11th International Conference on Security and Cryptography
Print ISSN 114744
Peer Reviewed Peer Reviewed
APA6 Citation Rahmouni Boussi, H. (2014). Towards a legislation driven framework for access control and privacy protection in public cloud
;