Professional Documents
Culture Documents
net/publication/315798618
CITATIONS READS
3 137
5 authors, including:
3 PUBLICATIONS 23 CITATIONS
Asia Pacific University of Technology and Innovation
21 PUBLICATIONS 309 CITATIONS
SEE PROFILE
SEE PROFILE
All content following this page was uploaded by Milad Chizari on 06 April 2017.
3 4 5
Mohamm
mad Eslami Moham
ammad Javad
d Golkar Mostaafa Vali
Dept.
D of Electriical & Compuuter, Faculty off Electrical and
d Computer Faculty of Computing
C
College
C of Enggineering, Islammic Imam Mohhamad Bagherr University Asia Pacificc University
Azad
A Universitty, Zahedan, Iran
I Sari, Iran Kuala Lumpur, Malaysia
mohammad.es
m slami@chmaill.ir javad.goolkar.1368@gm mail.com ahmadi@aapu.edu.my
Abbstract— Clou ud computing is i a newfound d service that h has a research area and specific detai
ails about the identified
i issuues in
rapidd growth in IIT industry during
d recent years. Despitte the acceess control and
d user authenttication researrches.
nology there arre some issues such
severral advantagess of this techn
as security
s and privacy that affect the reliability of ccloud
comp puting models.. Access controol and user autthentication arre the
mostt important seecurity issues in cloud com mputing. Thereefore, II.. CLOUD COM THE MOST CHALLENGING ISSUE
MPUTING AND T S
the research haas been prep pared to pro ovide the ovverall Cloud computing is new w model of widely
w distribbuted
inforrmation aboutt this securityy concerns and specific d details commputing that ussers the conceepts of virtualiization and stoorage
abouut the identtified issues in access control c and user
to store
s resourcees and share them betweeen computerss and
auth
hentication ressearches. Therrefore, cloud computing
c bennefits
and disadvantagess have been explained
e in the
t first part.. The otheer devices [1]. In this emergging technoloogy, users cann deal
seconnd part revviewed some of access control c and user with
h a service without anyy clue of where w the actual
a
auth
hentication aalgorithms an nd identifyin ng benefits and infra
astructure is located
l and wwhat technolo ogy is used beehind
weakknesses of eacch algorithm. The main aim m of this survvey is the scenes to manage
m and ccontrol the infrastructure
i e [2].
considering limitattions and probblems of previous research iin the Desp pite to the sev
veral advantagges of cloud computing
c such as
reseaarch area to ffind out the most
m challenging issue in aaccess unlimmited storagee and increasining the efficieency of compputing
contrrol and user au
uthentication algorithms.
a proccesses, there are
a several cooncerns abou ut the securityy and
privacy in cloud computing
c ennvironments. Figure
F 1 show ws the
Index Terms — Cloud Coomputing, Acccess Control, User
Auth
hentication, Seecurity, Privacyy.
advaantages and diisadvantages oof cloud comp puting in brieff [3].
I. INTRO
ODUCTION
Cloud
C computting is a neewfound tech hnology thatt has
undeeniable grow wth in IT inddustry. This survey has been
pared accordinng to three main purposes: The first purrpose
prep
is describing
d an overall overrview about cloud compuuting
conccepts, securityy issues in clloud computin ng, access coontrol
methhods, and challlenging issuees in user authentication proocess.
The second aim iis reviewing some
s of accesss control andd user
auth
hentication aalgorithms annd identifyin ng benefits and
weak knesses of eaach algorithm. The last goaal of this survvey is
conssidering limitaations and prooblems of preevious researcch in
the research areaa to find out the most challenging issuue in
acceess control andd user authenttication algoritthms.
According
A to tthese tasks, the
t research has
h been preppared
and described to provide the overall inforrmation abouut the
Fig.
F 1. Pros and C
Cons in Cloud Com
mputing
One of the most challenging issues in cloud computing Attribute Set Based Encryption and Access Control Model
environments is managing access controls and user (ASBE).
authentication in public and private cloud and for sharing or
In 2010, Li et al. [6] proposed a model to achieve fine-
individual processes [4]. According to these issues, there are
grained access control based on attribute encryption by
many algorithms and models that were identified and
preventing the illegal key sharing among colluding users is
described by several researchers to resolve these challenging
missing from the existing access control systems based on
problems. Some of these algorithms and models have been
attribute based encryption. For this purpose, access control
described in next section to identifying the strengths and
policies based on data attributes was defined and enforced.
weaknesses of each research or product.
Moreover, in this model, user accountability was implemented
by using traitor tracing and broadcast encryption methods to
support user grant and revocation. The following figure shows
III. ACCESS CONTROLS AND USER AUTHENTICATION MODELS the architecture of the suggested model by Li et al. (2010): in
There are several access control and user authentication this model, user accountability was implemented by using
models that were proposed to enhance the rate of reliability in traitor tracing and broadcast encryption methods to support
cloud computing environments. Wan et al. [5] proposed a user grant and revocation. Figure 3 shows the architecture of
cloud computing model with five types of parties: the suggested model by Li et al. (2010):