JOURNAL BROWSE
Search
Advanced SearchSearch Tips
Access Control Mechanism based on MAC for Cloud Convergence
facebook(new window)  Pirnt(new window) E-mail(new window) Excel Download
 Title & Authors
Access Control Mechanism based on MAC for Cloud Convergence
Choi, Eun-Bok; Lee, Sang-Joon;
  PDF(new window)
 Abstract
Cloud computing technology offers function that share each other computer resource, software and infra structure based on network. Virtualization is a very useful technology for operation efficiency of enterprise`s server and reducing cost, but it can be target of new security threat when it is used without considering security. This paper proposes access control mechanism based on MAC(Mandatory Access Control) for cloud convergence that solve various problem that can occur in cloud environment. This mechanism is composed of set of state rules, security characteristics and algorithm. Also, we prove that the machine system with access control mechanism and an initial secure state is a secure system. This policy module of mechanism is expected to not only provide the maintenance but also provide secure resource sharing between virtual machines.
 Keywords
Cloud Computing;Virtualization Security;Access Control;MAC(Mandatory Access Control);Security Policy;
 Language
Korean
 Cited by
1.
효과적인 암환자 관리를 위한 개인건강기록 관리 시스템,송제민;서성보;신문선;한혜숙;박정석;류근호;

디지털융복합연구, 2016. vol.14. 12, pp.65-72 crossref(new window)
1.
Business Satisfaction with Network Access Control(NAC) Solutions for Active Trade : Focussing on Users, The e-Business Studies, 2016, 17, 6, 305  crossref(new windwow)
 References
1.
ITU-T Y.CCDEF, "Information technology-Distributed application platforms and services-cloud computing - Overview and Vocabulary", 2013.

2.
Security Requirements for Server Virutalization System, Telecommunications Technology Association, pp. 1-18, 2013.

3.
F. Sabani, "Virtualization-Level Security in Cloud Computing", International Conference on Communication Software and Networks(ICCSN), pp. 250-254, 2011.

4.
M. Bishop, Computer Security : Art and Science, Addison Welsey, Vol. 200, 2012.

5.
H. Zhu, Y. Xue, Y. Zhang, X. Chen, H. Li, and X. Liu, "V-MLR : A Multilevel Security Model for Virtualization", International Conference on Intelligent Networking and Collaborative Systems(ICINCS), pp. 9-16, 2013.

6.
G. Sala, D. Sgandurra, and F. Baiardi, "Security and Integrity of a Distribute File Storage in a Virtual Environment", IEEE Security In Storage Workshop, pp. 58-69, 2007.

7.
F. Sabahi, "Cloud Computing Security Threats and Responses", International Conference on Communication Software and Networks(ICCSN), pp. 245-249, 2011.

8.
M. Khan, K. Sakamura, "Context-Aware Access Control for Clinical Information Systems", International Conference on Innovations in Information Technology, pp. 123-128, 2012.

9.
T. Y. Win, H. Tianfield, and Q. Mair, "Virtualization Security Combining Mandatory Access Control and Virtual Machine Introspection", International Conference on Utility and Cloud Computing(ICUCC), pp. 1004-1009, 2014.

10.
G. Cheng, H. Jin, D. Zou, A. K. Ohoussou, and F. Zhao, "A Prioritized Chinese Wall Model for Managing the Covert Information Flows in Virtual Machine Systems", International Conference for Young Computer Scientists(ICYCS), pp. 1481-1487, 2008.

11.
A. Corradi, R. Montanari, and D. Tibaldi, "Context-based Access Control for ubiquitous Service Provisioning", Proceedings of the COMPSAC '04, 2004.

12.
K. J. Biba, "Integrity Considerations for Secure Computer Systems", MTR-3153, The Mitre Corporation, 1975.

13.
D. Zou, L. Shi, H. Jin, "DYM-MAC: A Mandatory Access Control System in Distributed Virtual Computing Environment", International Conference on Parallel and Distributed Systems(ICPDS), pp. 556-563, 2009.

14.
D. George, V. Nirmal, "SECCON:A Framework for Applying Access Control Policies in Context-Aware Wireless Networks", World Congress on Computing and Communication Technologies, pp. 268-270, 2014.

15.
National Security Agency, Security-Enhanced Linux(SELinux). http://www.nsa.gov/selinux.

16.
S. Castano, DATABASE SECURITY, ADDISON-WESLEY. pp. 39-60.

17.
M. Blanc, J. Briffaut, J.-F., Lalande, C. Toinard, "Distributed Control Enabling Consistent MAC Policies and IDS based on a Meta-Policy approach", IEEE POLICY'06, 2006.