Journal: Bulletin of the Technical Committee on Data Engineering
Publication year: 2012
Volume: 35
Issue: 4
Publisher: IEEE Computer Society
Abstract: Cloud computing is a major emerging technology that is significantly changing industrial computing paradigms and business practices. However, security and privacy concerns have arisen as obstacles to widespread adoption of clouds by users. While much cloud security research focuses on enforcing standard access control policies typical of centralized systems, such policies often prove inadequate for the highly distributed, heterogeneous, data-diverse, and dynamic computing environment of clouds. To adequately pave the way for robust, secure cloud computing, future cloud infrastructures must consider richer, semantics-aware policies; more flexible, distributed enforcement strategies; and feedback mechanisms that provide evidence of enforcement to the users whose data integrity and confidentiality is at stake. In this paper, we propose a framework that supports such policies, including rule- and context-based access control and privacy preservation, through the use of in-lined reference monitors and a trusted application programming interface that affords enforceable policy management over heterogeneous cloud data.