期刊名称:International Journal of Security and Its Applications
印刷版ISSN:1738-9976
出版年度:2012
卷号:6
期号:2
出版社:SERSC
摘要:Cloud computing is the next generation of platform over which information and services can be offered to the user in a more convenient and transparent way. On the other hand, however, commercial interests will cause information proliferation, resulting in over-supply of useless information to the user and waste of precious systems and network resources. The problem of controlling such information proliferation has thus received a great deal of interests in recent years. In this paper, we propose an access control model for negative authorization to provide the user with the ability and flexibility of specifying the objects to which access is not desired through the means of negative authorization. The main contributions of this paper include: (1) the concept of negative authorization in access control; (2) negative authorization rules; and (3) specification of negative authorizations by the user. With the ability of specifying negative authorization by the user, access to unwanted information and services offered by the cloud can be disabled through access control. Compared to filtering mechanisms that block unwanted information and services, negative authorization has the advantage of saving precious computation and network resources because access control happens prior to actual access while filtering takes place after system access and network transmission.
