IFIP TM Keynote: Trust Enhanced Secure Role-based Access Control on Encrypted Data in Cloud

Vijay Varadharajan

In this talk I will begin with a brief look at current trends in the technology landscape and some of the key security challenges that are impacting business and society. In particular, on the one hand there have been tremendous developments in cyber technologies such as cloud, Big Data and Internet of Technologies.

Then we will consider security and trust issues in cloud services and cloud data. In this talk, we will focus on policy based access to encrypted data in the cloud. We will present a new technique, Role based Encryption (RBE), which integrates cryptographic techniques with role based access control. The RBE scheme allows policies defined by data owners to be enforced on the encrypted data stored in public clouds. The cloud provider will not be able to see the data content if the provider is not given the appropriate role by the data owner. We will present a practical secure RBE based hybrid cloud storage architecture, which allows an organisation to store data securely in a public cloud, while maintaining the sensitive information related to the organisation’s structure in a private cloud.

Then we will consider trust issues in RBE based secure cloud data systems. We will discuss two types of trust models that assist (i) the data owners/users to evaluate the trust on the roles/role managers in the system as well as (ii) the role managers to evaluate the trust on the data owners/users when deciding on role memberships. These models will take into account the impact of role hierarchy and inheritance on the trustworthiness of the roles and users. We will also consider practical application of the trust models and illustrate how the trust evaluations can help to reduce the risks and enhance the quality of decision making by data owners and role managers of the cloud storage services.