Detection of Access Control Violations in the Secure Sharing of Cloud Storage

Carlos André Batista de Carvalho; Rossana Maria de Castro Andrade; Nazim Agoulmine; Miguel Franklin de Castro

doi:10.5220/0006698701240135

Detection of Access Control Violations in the Secure Sharing of Cloud Storage

Carlos André Batista de Carvalho, Rossana Maria de Castro Andrade, Nazim Agoulmine, Miguel Franklin de Castro

2018

Abstract

A cloud storage service implements security mechanisms to protect users data, including an access control mechanism to enable the data sharing. Thus, it is possible to define users permissions, granting the access only to authorized users. Existing solutions consider that the provider is honest but curious so that the designed mechanisms prevent the access to the files by the provider. However, the possibility of executing illegal transactions is not analyzed, and a malicious provider can perform transactions requested by unauthorized users, resulting in access control violations. In this paper, we propose monitoring and auditing mechanisms to detect these violations. As a result, new attacks are identified, especially those resulting from writing actions requested by users whose permissions were revoked. Colored Petri Nets (CPNs) are used to model and validate our proposal.

Download

Paper Citation

in Harvard Style

Batista de Carvalho C., de Castro Andrade R., Agoulmine N. and Franklin de Castro M. (2018). Detection of Access Control Violations in the Secure Sharing of Cloud Storage.In Proceedings of the 8th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-295-0, pages 124-135. DOI: 10.5220/0006698701240135

in Bibtex Style

@conference{closer18,
author={Carlos André Batista de Carvalho and Rossana Maria de Castro Andrade and Nazim Agoulmine and Miguel Franklin de Castro},
title={Detection of Access Control Violations in the Secure Sharing of Cloud Storage},
booktitle={Proceedings of the 8th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2018},
pages={124-135},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0006698701240135},
isbn={978-989-758-295-0},
}

in EndNote Style

TY - CONF

JO - Proceedings of the 8th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - Detection of Access Control Violations in the Secure Sharing of Cloud Storage
SN - 978-989-758-295-0
AU - Batista de Carvalho C.
AU - de Castro Andrade R.
AU - Agoulmine N.
AU - Franklin de Castro M.
PY - 2018
SP - 124
EP - 135
DO - 10.5220/0006698701240135