NUST Institutional Repository
User Centric Access Control Policy Management Framework for Cloud Applications
- DSpace Home
- →
- E-Theses
- →
- SEECS
- →
- Computer Science
- →
- MS
- →
- View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.
| dc.contributor.author | Irum, Misbah | |
| dc.date.accessioned | 2020-10-28T11:17:44Z | |
| dc.date.available | 2020-10-28T11:17:44Z | |
| dc.date.issued | 2014 | |
| dc.identifier.uri | http://10.250.8.41:8080/xmlui/handle/123456789/6677 | |
| dc.description | Supervisor: Dr. Abdul Ghafoor | en_US |
| dc.description.abstract | Cloud computing environment is a collection of various Cloud applications deployed by different Cloud service vendors for their customers. The online availability, variety and easy access of Cloud applications allow users to create, upload and store numerous resources across the Cloud. However, protection of these resources from different security threats in Cloud environment is still a serious concern for the Cloud users. Cloud applications provide diverse and complex authorization and access control mechanisms to different Cloud users. In addition to that access control is also limited and tightly coupled with the functionality of the applications and does not cater the access control requirements of individual users. Securing every resource with different, complex and customized access control solutions is a tedious task and results in poorly protected resources susceptible to unauthorized access which further leads to data theft, identity theft, fraud and different other security threats. In this regard, a new approach to access control in Cloud environment is presented in this research work. It externalizes access control from Cloud applications and enables users to create and manage access control policies on their resources according to their access control requirements. The framework also provides users with a central control point and a standard policy definition language to specify and manage access control on all their resources scattered across the Cloud. We presented the framework and described the protocol which defines the interaction between different components of the system to specify and enforce User-Centric Access Control policies using XACML standards. To show the applicability of the designed framework, we developed a prototype using Google spreadsheet as the Cloud application. The prototype is then validated and verified from security and functional perspectives. To verify the security features of the designed system, a threat model is formulated which identify different security and access control threats and explain the protection mechanisms incorporated within the designed system to eliminate these threats. To check the correctness of the system, various categories of test cases are formulated and performed through JUnit testing. Successful execution of test cases verifies the claims of the user centric access control framework in providing users with the control to define access control policies according to their requirements. | en_US |
| dc.publisher | SEECS, National University of Science & Technology | en_US |
| dc.subject | Centric Access, Policy Management, Cloud Applications, | en_US |
| dc.title | User Centric Access Control Policy Management Framework for Cloud Applications | en_US |
| dc.type | Thesis | en_US |
Files in this item
This item appears in the following Collection(s)
-
MS [375]