SOME NEW RESEARCH DEVELOPMENTS IN ACCESS
CONTROL
Rajab Ssemwogerere &
Wamwoyo Faruk
2019/HD03/29911U & 2019/HD05/25248U
College of Computing and Information Sciences
srajab@cis.mak.ac.ug,faroukissa85@gmail.com
1. Introduction
The Internet of Things (IoT) bridges communication between
different things or devices, such as wireless sensors and smart
devices like mobile phones, and the internet.
According to Cisco predictive analytics, more than 50
billion devices will be connected to the internet, because
every node can be a provider on that specific network
domain [1, 2]. As a result, the number of network nodes will
increase, and with it the volume of data created by the
large number of connected devices.
Secondly, according to a group of economists, Gantz et al. [3],
humans had created 130 exabytes of data by 2005; this
increased to 1,200 by 2010 and to 7,900 exabytes by 2015,
and they predicted that by 2020 there will be approximately
40,900 exabytes of data. In view of these
factors, cloud computing technology was implemented to
handle these circumstances. Unfortunately, the demands
exceeded what cloud services could achieve. Cisco
introduced fog computing technology, in which all
possible network devices are interlinked to fog devices,
which are in turn linked to the cloud. These devices
collect all the users’ data, preprocess it, and then link it to
the cloud. Since all data is collected at one central location,
threats like man-in-the-middle attacks are probable, and there
is a need for proper security and access control mechanisms
for this technology to run smoothly.
Security vulnerabilities arise as a result of poorly
constructed systems or software, which cybercriminals find
easy to exploit to reach an organization’s or company’s data.
Access control is critically important for any organization to
ensure the security of data or any piece of information [1, 2, 4, 5].
Access control is a fundamental component of security
through which users are granted physical or logical access
rights to systems, places, shared resources, data or
information [5]. Policies clarify the major objectives of the
system or organization; rules interpret these policies
into a more clearly manageable form, a Boolean decision
(ALLOW or DENY) upon an access request.
The layout of this paper is as follows: we present the two recent
studies in access control, identifying what they address, their
findings and what could be investigated as a
consequence of their work, and then, lastly, the conclusion.
2. Recent studies in Access Control
Zhang, Peng et al. [1] made a comprehensive survey of
access control of users’ data in the environment of fog
computing, highlighting the security vulnerabilities,
problems and challenges.
Younis, Kifayat et al. [4] presented novel criteria for cloud
based access control, giving a list of factors and
properties that affect the proposing and evaluating of cloud
based access control models, and reviewing significant
challenges and obstacles to cloud computing security.
Beckerle, Matthias et al. [5] introduced security and usability
metrics that quantify how usable access control
rule sets are, providing an approach that offers a uniform
and scientific method for comparing different rule sets that
can be used as an optimization criterion to generate usable
access control rule sets and to improve their manageability.
2.1 Formal definitions for Usable Access Control Rule sets from goals to Metrics
2.1.1 Authors’ contribution
From the results that correlate with the objectives:
From the pilot study, the authors derived six goals for
building usable access control rule sets, which are currently
used by experts to evaluate rule sets.
The authors introduced security and usability metrics that
quantify how usable access control rule sets are, and obtained a
set of six formal definitions for security and usability
properties of access control rule sets: allow no more than
the owner wants to be allowed; allow everything the owner
wants to be allowed; a rule must not be fully covered by
another rule of the same rule set; two rules belonging to the
same rule set must not conflict; minimize the number of rule
set elements; and minimize maintenance effort in a changing
system. This provides a means for obtaining usable access
control rule sets that, first, reflect the access control policies
and, second, are easy to understand and manage.
The authors also provided an approach that offers a
uniform and scientific method for comparing different rule
sets that can be used as optimization criteria to generate
usable access control rule sets and to improve their manageability,
by formalizing and implementing tools to measure and
compare different rule sets automatically, hence
achieving their objectives.
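The following is an added example, not code from the reviewed paper or from this review: it checks a small constructed rule set against simplified readings of the first five properties listed above (maintenance effort is not modelled, since it depends on how the system changes). The `Rule` type, the subject and resource names, the deny-overrides/default-deny evaluation and the "size" count are all assumptions made for illustration.

```python
from dataclasses import dataclass
from itertools import combinations, product


@dataclass(frozen=True)
class Rule:
    name: str
    subjects: frozenset
    resources: frozenset
    allow: bool  # True = ALLOW, False = DENY

    def cells(self):
        """All (subject, resource) pairs this rule matches."""
        return set(product(self.subjects, self.resources))


def rule(name, subjects, resources, allow):
    return Rule(name, frozenset(subjects), frozenset(resources), allow)


def granted_pairs(rules):
    """Pairs the rule set actually allows.

    Assumption of this example: DENY overrides ALLOW, and any pair that
    no rule matches is denied.
    """
    allowed, denied = set(), set()
    for r in rules:
        (allowed if r.allow else denied).update(r.cells())
    return allowed - denied


def evaluate(rules, intended):
    """Measure a rule set against the owner's intended set of allowed pairs."""
    granted = granted_pairs(rules)
    return {
        # Allowed by the rules but not wanted by the owner.
        "over_permitted": sorted(granted - intended),
        # Wanted by the owner but not allowed by the rules.
        "under_permitted": sorted(intended - granted),
        # (a, b): rule a is fully covered by rule b with the same decision.
        "covered": sorted(
            (a.name, b.name) for a in rules for b in rules
            if a is not b and a.allow == b.allow and a.cells() <= b.cells()),
        # Two rules match a common pair but give opposite decisions.
        "conflicts": sorted(
            (a.name, b.name) for a, b in combinations(rules, 2)
            if a.allow != b.allow and a.cells() & b.cells()),
        # Element count: one per rule plus one per subject/resource it names.
        "size": sum(1 + len(r.subjects) + len(r.resources) for r in rules),
    }


# Constructed sample data: what the owner wants to be allowed.
INTENDED = {("alice", "report"), ("alice", "budget"), ("bob", "report")}

# Constructed rule set with one defect of each kind.
BEFORE = [
    rule("R1", {"alice", "bob"}, {"report"}, True),
    rule("R2", {"alice"}, {"report"}, True),            # covered by R1
    rule("R3", {"bob"}, {"budget", "payroll"}, True),   # grants too much
    rule("R4", {"bob"}, {"payroll"}, False),            # conflicts with R3
]

# Rewritten rule set expressing the same intent.
AFTER = [
    rule("R1", {"alice", "bob"}, {"report"}, True),
    rule("R2", {"alice"}, {"budget"}, True),
]

if __name__ == "__main__":
    for label, rules in (("before", BEFORE), ("after", AFTER)):
        print(label, evaluate(rules, INTENDED))
```

Comparing the two results side by side is the kind of automatic, uniform comparison of rule sets that the section describes: the rewritten set matches the owner's intent exactly and is half the size.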
2.1.2 Authors’ motivation to carry out specific work
This section summarises the research gap of [6-8].
The authors realized that the task of generating and
managing the access control rule sets that formulate access
control policies is not trivial. They presented
a novel approach to support generating sound,
manageable and usable access control rule sets, one that could
compare and analyze access control rule sets automatically.
2.1.3 Extra studies the authors’ contribution could have brought
This section summarises the authors’ recommendations and
further study.
The set of six goals is not comprehensive, as other metrics
were not included in that set: for instance, the design of the
user interface, which wasn’t mentioned during the
interviews of the pilot study but is considered an important
aspect for less experienced users, and the indirect
interdependency of rules, which may impact the usability
of rule sets. Including these metrics could lead to better rule
sets, but determining their relevance would require
further testing and evaluation.
Also, the metrics that were presented were independent
of the attribution of costs, and an extension of this work
would introduce cost functions for some specific metric
sets. Optimizing one criterion could affect other criteria;
therefore it is important to evaluate dependencies between
criteria in future work, and also to design a tool that can be
integrated into the daily working environment to actively help
users produce usable access control rule sets.
2.2 A Survey on Access control in Fog Computing.
2.2.1 Authors’ contribution
From the results that correlate with the objectives:
The authors discussed the developing definitions of fog
computing and made comparisons among these definitions as
given by different scholars, picking out some of the key
terms used: heterogeneous, ubiquity, distribution and cloud
interaction. Based on these comparisons, the authors
justified these key terms as advantages of
fog computing and cloud computing, and noted that the two coexist.
They analyzed the security challenges in fog computing and
verified that access control is a fundamental requirement to
ensure security, then provided a comprehensive survey of
access control on users’ data in the environment of fog
computing with the aim of highlighting security problems
and challenges.
The authors provided requirements and taxonomies. In
order to build secure and efficient access control in the
environment of fog computing, the following requirements
have to be taken into consideration:
• Latency: access control systems in fog computing
must grant access decisions to end users in a
reasonable time.
• Efficiency: the efficiency of access control is still a
challenge for any access control system, and poor
efficiency may delay the decision process, causing
latency in other parts of the network.
• Generality: services of fog computing are based on
various techniques that differ in hardware
and software. They require generic APIs to deal with
the existing APIs and protocols.
• Aggregation: since data is collected
by user devices that are located in different
geographical locations, aggregation is needed to reduce
latency and get meaningful data.
• Privacy protection: due to the
decentralized architecture, protecting the privacy of
data is an unavoidable and critical requirement in fog
access control.
• Resource restriction: this is the main requirement of fog
access control, because the computation resources at
the client side and the edge of the network are
limited.
• Policy management: the access control model in fog
computing must have the ability to support releasing,
invoking, and deleting or creating a policy.
2.2.2 Authors’ motivation to carry out specific work
Sharing resources among potentially untrusted tenants on fog
devices increases the risk of side-channel attacks like the
man-in-the-middle attacks on the fog devices, which led the
authors to rethink possible problems of access control and security
caused by virtualization and multi-tenancy. Additionally,
the interference of multi-tenant computation may lead to
unauthorized information flow, a problem
which also exists in cloud computing.
2.2.3 Extra studies the authors’ contribution could have brought
In attribute-based encryption (ABE) access control, the data
owner formulates access policies through attributes
that indicate what kind of users can or cannot access the
data. All data is encrypted and stored in the fog devices and
cloud servers; thus, side-channel attacks that exploit the sharing
of physical resources are in vain. However, due to the
unique requirements of fog computing, access control
schemes of cloud computing are perhaps not directly suitable
for fog computing. Constructing the ABE-based access
control that works best for fog computing deserves further
research, to realize fine-grained, cryptographically
enforced access control mechanisms in fog computing.
3. Conclusion
In our work, we have comprehensively explored
security and access control. We reviewed some of the
existing work on access control and highlighted the
authors’ contributions, the authors’ motivation to carry
out that specific work, and some extra studies the
contribution of the authors could have brought,
providing potential future research directions to explore
and to achieve better and more resourceful objectives for
each new piece of work in the future.
References
1 Zhang, P., Liu, J.K., Yu, F.R., Sookhak, M., Au,
M.H., and Luo, X.: ‘A survey on access control in fog
computing’, IEEE Communications Magazine, 2018, 56,
(2), pp. 144-149
2 Tourani, R., Misra, S., Mick, T., and Panwar, G.:
‘Security, privacy, and access control in information-
centric networking: A survey’, IEEE communications
surveys & tutorials, 2017, 20, (1), pp. 566-600
3 Gantz, J., and Reinsel, D.: ‘The digital universe in
2020: Big data, bigger digital shadows, and biggest growth
in the far east’, IDC iView: IDC Analyze the future, 2012,
2007, (2012), pp. 1-16
4 Younis, Y.A., Kifayat, K., and Merabti, M.: ‘A
novel evaluation criteria to cloud based access control
models’ (IEEE, 2015), pp. 68-73
5 Beckerle, M., and Martucci, L.A.: ‘Formal
definitions for usable access control rule sets from goals to
metrics’ (ACM, 2013), pp. 2
6 Bauer, L., Cranor, L.F., Reeder, R.W., Reiter,
M.K., and Vaniea, K.: ‘Real life challenges in access-control
management’ (ACM, 2009), pp. 899-908
7 Latham, D.C.: ‘Department of defense trusted
computer system evaluation criteria’, Department of
Defense, 1986
8 Smetters, D.K., and Good, N.: ‘How users use
access control’ (ACM, 2009), pp. 15

Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticscarlostorres15106
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking MenDelhi Call girls
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreternaman860154
 

Recently uploaded (20)

Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
IAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI SolutionsIAC 2024 - IA Fast Track to Search Focused AI Solutions
IAC 2024 - IA Fast Track to Search Focused AI Solutions
 
Key Features Of Token Development (1).pptx
Key  Features Of Token  Development (1).pptxKey  Features Of Token  Development (1).pptx
Key Features Of Token Development (1).pptx
 
Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101Salesforce Community Group Quito, Salesforce 101
Salesforce Community Group Quito, Salesforce 101
 
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
08448380779 Call Girls In Diplomatic Enclave Women Seeking Men
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men08448380779 Call Girls In Greater Kailash - I Women Seeking Men
08448380779 Call Girls In Greater Kailash - I Women Seeking Men
 
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry InnovationBeyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
Beyond Boundaries: Leveraging No-Code Solutions for Industry Innovation
 
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
Transcript: #StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
My Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 PresentationMy Hashitalk Indonesia April 2024 Presentation
My Hashitalk Indonesia April 2024 Presentation
 
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time AutomationFrom Event to Action: Accelerate Your Decision Making with Real-Time Automation
From Event to Action: Accelerate Your Decision Making with Real-Time Automation
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)Injustice - Developers Among Us (SciFiDevCon 2024)
Injustice - Developers Among Us (SciFiDevCon 2024)
 
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptxFactors to Consider When Choosing Accounts Payable Services Providers.pptx
Factors to Consider When Choosing Accounts Payable Services Providers.pptx
 
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge GraphSIEMENS: RAPUNZEL – A Tale About Knowledge Graph
SIEMENS: RAPUNZEL – A Tale About Knowledge Graph
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR Systems
 
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmaticsKotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
Kotlin Multiplatform & Compose Multiplatform - Starter kit for pragmatics
 
08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men08448380779 Call Girls In Civil Lines Women Seeking Men
08448380779 Call Girls In Civil Lines Women Seeking Men
 
Presentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreterPresentation on how to chat with PDF using ChatGPT code interpreter
Presentation on how to chat with PDF using ChatGPT code interpreter
 

Access control data security

Access control is a fundamental component of security through which users are granted physical or logical access rights to systems, places, shared resources, data or information [5]. Policies state the major objectives of the system or organization; rules translate these policies into a more manageable Boolean decision (ALLOW or DENY) upon an access request. The rest of this paper is laid out as follows: the two recent studies in access control, identifying what they address, their findings and what could be investigated as a consequence of their work, and lastly the conclusion.

2. Recent studies in Access Control

Zhang, Peng et al. [1] made a comprehensive survey of access control of users' data in the fog computing environment, highlighting the security vulnerabilities, problems and challenges. Younis, Kifayat et al. [4] illustrated novel cloud-based access control criteria, presenting a list of factors and properties that affect the proposal and evaluation of cloud-based access control models and reviewing significant challenges and obstacles to cloud computing security. Beckerle, Matthias et al. [5] introduced a security and metrics approach that quantifies how usable access control rule sets are, providing a uniform and scientific method for comparing different rule sets that can be used as an optimization criterion to generate usable access control rule sets and to improve their manageability.

2.1 Formal definitions for Usable Access Control Rule sets from goals to Metrics.
2.1.1 Authors' contribution

From the results that correlate with the objectives: from the pilot study, the authors derived six goals for building usable access control rule sets, which are currently used by experts to evaluate rule sets. The authors introduced security and usability metrics that quantify how usable access control rule sets are, and obtained a set of six formal definitions for security and usability properties of access control rule sets: allow no more than the owner wants to be allowed; allow everything the owner wants to be allowed; a rule must not be fully covered by another rule of the same rule set; two rules belonging to the same rule set must not conflict; minimize the number of rule set elements; and minimize maintenance effort in a changing system. These provide a means of obtaining usable access control rule sets that, first, reflect the access control policies and, second, are easy to understand and manage.
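To make the first five properties listed above concrete, the following added Python example checks a small rule set against the owner's intent. It is not code or a formalization from the reviewed paper: the rule format, the deny-overrides evaluation and the way elements are counted are assumptions made here, the sample data is constructed, and the sixth goal (maintenance effort in a changing system) is not modelled.

```python
from itertools import combinations, product

ALLOW, DENY = "ALLOW", "DENY"

# Constructed sample rule set: (name, subjects, resources, decision).
RULES = [
    ("r1", {"alice", "bob"}, {"report.pdf", "budget.xls"}, ALLOW),
    ("r2", {"alice"}, {"report.pdf"}, ALLOW),   # fully covered by r1
    ("r3", {"bob"}, {"budget.xls"}, DENY),      # conflicts with r1
    ("r4", {"carol"}, {"report.pdf"}, ALLOW),   # not wanted by the owner
]

# Constructed sample: the (subject, resource) pairs the owner wants allowed.
INTENDED = {
    ("alice", "report.pdf"), ("alice", "budget.xls"),
    ("bob", "report.pdf"), ("dave", "report.pdf"),
}


def cells(rule):
    """Every (subject, resource) pair a rule makes a statement about."""
    _, subjects, resources, _ = rule
    return set(product(subjects, resources))


def effective_allow(rules):
    """Pairs that end up allowed (assumption: deny overrides, default deny)."""
    allowed, denied = set(), set()
    for rule in rules:
        (allowed if rule[3] == ALLOW else denied).update(cells(rule))
    return allowed - denied


def analyse(rules, intended):
    """Report violations of the first five properties for one rule set."""
    allowed = effective_allow(rules)
    # A rule is redundant if another rule with the same decision covers
    # every pair it mentions.
    covered = [(a[0], b[0]) for a in rules for b in rules
               if a is not b and a[3] == b[3] and cells(a) <= cells(b)]
    # Two rules conflict if they decide differently on a shared pair.
    conflicts = [(a[0], b[0]) for a, b in combinations(rules, 2)
                 if a[3] != b[3] and cells(a) & cells(b)]
    # Size measure (assumption): one per rule plus one per listed entry.
    elements = sum(1 + len(r[1]) + len(r[2]) for r in rules)
    return {
        "over_permissive": allowed - intended,    # more than the owner wants
        "under_permissive": intended - allowed,   # less than the owner wants
        "covered": covered,
        "conflicts": conflicts,
        "elements": elements,
    }


if __name__ == "__main__":
    for name, value in analyse(RULES, INTENDED).items():
        print(f"{name}: {value}")
```

Removing r2 and r4 and adding an ALLOW rule for dave brings the first three findings to empty while lowering the element count, which is the kind of comparison between rule sets the metrics are meant to support.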
The authors also provided an approach that offers a uniform and scientific method for comparing different rule sets that can be used as optimization criteria to generate usable access control rule sets and to improve their manageability, by formalizing and implementing tools to measure and compare different rule sets automatically; the authors thereby achieved their objectives.

2.1.2 Authors' motivation to carry out specific work

This section summarises the research gap of [6-8]. The authors realized that the task of generating and managing the access control rule sets that formulate access control policies is not trivial or meaningful. They presented a novel approach to support generating sound, manageable and usable access control rule sets that could compare and analyze access control rule sets automatically.

2.1.3 Extra studies the contribution of the authors could have brought

This section summarises the authors' recommendations and further study. The set of six goals is not comprehensive, as other metrics were not included in that set: for instance, the design of the user interface, which was not mentioned during the interviews of the pilot study but is considered an important aspect for less experienced users, and the indirect interdependency of rules, which may impact the usability of rule sets. Including these metrics could lead to better rule sets, but determining their relevance would require further testing and evaluation. Also, the metrics that were presented were independent of the attribution of costs, and an extension of this work would introduce cost functions for some specific metric sets. Optimizing one criterion could affect other criteria; it is therefore important to evaluate dependencies between criteria in future work, and also to design a tool that can be integrated in the daily working environment to actively help users produce usable access control rule sets.

2.2 A Survey on Access control in Fog Computing.
2.2.1 Authors' contribution

From the results that correlate with the objectives: the authors discussed the developing definitions of fog computing and compared these definitions as given by different scholars, picking out some of the key terms used: heterogeneous, ubiquity, distribution and cloud interaction. Based on these comparisons and key terms, they justified them as advantages of fog computing and cloud computing, and the two coexist. They analyzed the security challenges in fog computing and verified that access control is a fundamental requirement to ensure security, then provided a comprehensive survey of access control on users' data in the fog computing environment with the aim of highlighting security problems and challenges. The authors provided requirements and taxonomies; in order to build secure and efficient access control in the fog computing environment, the following requirements have to be taken into consideration:

• Latency: access control systems in fog computing must grant access decisions to end users in a reasonable time.
• Efficiency: the efficiency of access control is still a challenge for any access control system, which may lead to the decision process being delayed, causing latency to other parts of the network.
• Generality: services of fog computing are based on various techniques with differences in hardware and software. They require generic APIs to deal with the existing APIs and protocols.
• Aggregation: data is collected by user devices located in different geographical locations, so aggregation needs to be done in order to reduce latency and get meaningful data.
• Privacy protection: this is unavoidable due to the decentralized architecture; protecting the privacy of data is a critical requirement in fog access control.
• Resource restriction: this is the main requirement of fog access control, because the computation resources at the client side and the edge of the network are limited.
• Policy management: the access control model in fog computing must be able to support releasing, invoking, and deleting or creating a policy.

2.2.2 Authors' motivation to carry out specific work

Sharing resources among potentially untrusted tenants on fog devices increases the risk of side-channel attacks like the man-in-the-middle attacks on the fog devices, which led the authors to rethink possible problems of access control and security caused by virtualization and multi-tenancy. Additionally, the interference of multi-tenancy computation may lead to unauthorized information flow, the same problems that also exist in cloud computing.

2.2.3 Extra studies the contribution of the authors could have brought

In attribute-based encryption (ABE) access control, the data owner formulates access policies through attributes that indicate what kind of users can or cannot access the data. All data is encrypted and stored in the fog devices and cloud servers; thus, side-channel attacks that rely on the sharing of physical resources are in vain. However, due to the unique requirements of fog computing, the access control schemes of cloud computing are perhaps not directly suitable for fog computing. Constructing the ABE-based access control that works best for fog computing deserves further research, to realize fine-grained, cryptographically enforced access control mechanisms in fog computing.
3. Conclusion

In our work, we have comprehensively explored security and access control. We reviewed some of the existing work on access control and highlighted the authors' contributions, the authors' motivation to carry out that specific work, and some extra studies the contribution of the authors could have brought, providing potential future research directions to explore and to achieve better and more resourceful objectives for each new work in the future.

References

1 Zhang, P., Liu, J.K., Yu, F.R., Sookhak, M., Au, M.H., and Luo, X.: 'A survey on access control in fog computing', IEEE Communications Magazine, 2018, 56, (2), pp. 144-149
2 Tourani, R., Misra, S., Mick, T., and Panwar, G.: 'Security, privacy, and access control in information-centric networking: A survey', IEEE Communications Surveys & Tutorials, 2017, 20, (1), pp. 566-600
3 Gantz, J., and Reinsel, D.: 'The digital universe in 2020: Big data, bigger digital shadows, and biggest growth in the far east', IDC iView: IDC Analyze the future, 2012, 2007, (2012), pp. 1-16
4 Younis, Y.A., Kifayat, K., and Merabti, M.: 'A novel evaluation criteria to cloud based access control models' (IEEE, 2015), pp. 68-73
5 Beckerle, M., and Martucci, L.A.: 'Formal definitions for usable access control rule sets from goals to metrics' (ACM, 2013), pp. 2
6 Bauer, L., Cranor, L.F., Reeder, R.W., Reiter, M.K., and Vaniea, K.: 'Real life challenges in access-control management' (ACM, 2009), pp. 899-908
7 Latham, D.C.: 'Department of defense trusted computer system evaluation criteria', Department of Defense, 1986
8 Smetters, D.K., and Good, N.: 'How users use access control' (ACM, 2009), pp. 15