Ontology Based Access Control By Exploiting Subsumption Property To Protect Data Leakage In Cloud Environment

Abstract

Cloud computing has been in business organizations as well as end-users thereby minimizing administration effort, least maintenance cost, and ubiquitous access to any resource through the Internet. Sensitive information may persist in the cloud and rigid access control must be deployed to protect the data. Traditional Access control models such as Discretionary Access control (DAC), Mandatory Access Control model (MAC), Role-Based Access Model (RBAC), or Attribute-Based Access Control Model (ABAC) contemplate the elements of access control such as subject, object, and action in isolation and thereby driving to inappropriate access control conclusions. Here, ABAC is extended by incorporating the ontologies framework. Ontologies are used to model the subject, object and action, and the interrelationships between the entities. Hence the ontology-based access control could be adapted in cloud environments with ease. Ontology is chosen as it promises simplified information sharing among the entities in heterogeneous environments. Subsumption attribute is used over the cogitations, attributes, and personals which makes our contribution to stand unique among others. In the literature, subsumption property is used only among concepts. Subsumption property does not enforce storing all the policies explicitly, which in turn reduces the regulations to be preserved in the policy base. Hence, the size of the policy base does not hamper the performance of the proposed model and the target policy can be easily achieved. Subsumption property also helps the newline newline newline newlineinference engine to do reasoning in a shorter span thereby the proposed model can make faster access control decisions. newline newline newlineFurthermore, the proposed work is evaluated with the assistance of access control criteria facilitated by the National Institute of Standards and Technology (NIST) and compared with the models suggested by many researchers in the literature. The criterion like the simplicity of benefit tasks, least bene