JISE


  [ 1 ] [ 2 ] [ 3 ] [ 4 ] [ 5 ] [ 6 ] [ 7 ] [ 8 ] [ 9 ] [ 10 ] [ 11 ] [ 12 ] [ 13 ] [ 14 ] [ 15 ] [ 16 ]


Journal of Information Science and Engineering, Vol. 33 No. 3, pp. 743-758


A PANH-based Access Control Mechanism for Cross-Cloud Service Composition


AO-DI LIU, NA WANG AND MING-CONG LIU
National Digital Switching System Engineering and Technological Research Center
ZhengZhou Science and Technology Institute
Zhengzhou, 450000 P.R. China
E-mail: {ladyexue; tinatwf}@163.com; lmc340406@sina.com

 


For access control problem of cross-cloud service composition, we propose an access control mechanism of cross-cloud service composition. The mechanism uses policy attribute negotiation based on historical information (PANH) to achieve access control. The mechanism can ensure the consistency of the different service components policies in global composite service and avoids that the composite service does not work properly because of policy conflicts. We have designed a negotiation algorithm based on historical information. Historical information is used in negotiation process. By synchronizing high frequency negotiation policy, storing history information of negotiation and calculating cost of attributes disclosure, we optimize the negotiation process and improve the efficiency of negotiation. Finally, our simulations verify the feasibility and efficiency of the mechanism.


Keywords: cloud service, service composition, access control, ABAC, policy negotiation

  Retrieve PDF document (JISE_201703_09.pdf)