Total views : 291

Ontology Centric Access Control Mechanism for Enabling Data Protection in Cloud


  • Faculty of Computer Science and Engineering, Department of Computer Science and Engineering, Sathyabama University, Chennai - 600 119, Tamilnadu, India
  • Alpha College of Engineering, Chennai, Tamilnadu, India


Background: Cloud computing provides access to a large scale of resources. Access control is the indispensable requirement for protecting cloud resource. A cloud service provider is responsible for enforcing access control and they normally rely upon conventional access control mechanisms. Methods: These access control policies, consider the access control primitives in separation which may lead to abuse of access control. These aforesaid problems motivated our research to center around the provision of access control by considering the association among the three access control primitives namely the user making access request, resource upon which access is requested and operation performed by the user on the resource. Hence Ontology Centric Access Control (OCAC) is being proposed in this paper. Findings: This OCAC circulates authorization rules among the primitives of access control say subject, object and action by reducing the various associations among the associations among the access control elements; it is observed that there is less chance for security violation. Ontology is used since it reduces the times of agreement while exchanging the authorization policies across the security domains. For reducing the number of statements and rules in policy base, subsumption property is used. This reduces the space and time complexity. Applications/Improvements: We are applying our work to protect bank data as banks are embracing clouds to store huge data by cutting their IT costs.


Access Control, Ontology, Cloud Computing, User Ontology, Resource Ontology, Activity Ontology Introduction.

Full Text:

 |  (PDF views: 297)


  • Mell P, Grance T. The NIST Definition of Cloud Computing. ver. 15. Information Technology Laboratory, US Nat’l Institute of Standards and Technology. Oct. 2009.
  • CSA: The Notorious Nine Cloud Computing Top Threats in 2013. https://downloads. topthreats/The_Notorious_Nine_Cloud_Computing Top_Threats_in_2013.pdf (2013). Accessed Jul. 2013
  • Chunming Rong, Son.T.Nguyen, Martin Gilje Jaatun. Beyond Lightning: A Survey on Security Challenges in Cloud Computing. Journal of Computers and Electrical Engineering, 2012.
  • Diogo A. B. Fernandes, Liliana F. B. Soares, Jo˜ao V. Gomes, M´ario M. Freire, Pedro R. M. In´acio. Security Issues in Cloud Environments — A Survey. International Journal of Information Security. 2014 April,13(2), 113-170.
  • Keiko Hashizume, David G Rosado, Eduardo Fernández- Medina and Eduardo B Fernandez. An analysis of security issues for cloud computing. Springer Open Journal of Internet Services and Applications. 2013, 4(5).
  • Nelson Gonzalez, Charles Miers, Fernando Red´ıgolo, Marcos Simpl´ıcio, Tereza Carvalho, Mats N¨aslund and Makan Pourzandi. A quantitative analysis of current security concerns and solutions for cloud computing. Journal of cloud computing, SpringerOpen Journal. 2012,1.
  • Takabi, H., Joshi, J.B.D, Ahn, G.J. Security and privacy challenges in cloud computing environments. IEEE Security and Privacy. 2010, 8(6),25–31.
  • Hong Sun, Xueqin Zhang, Chunhua G. Role-based Access Control Using Ontology in Cloud Storage. International Journal of Grid and Distribution Computing. 2014 7(3), 1-12.
  • Lin G, He S, Huang H et al. Access Control Security Model Based on Behavior in Cloud Computing. Journal on Communications. 2012, 33(3), 59-66.
  • Luokai Hu, Shi Ying, Xiangyang Jia, and Kai Zhao. Towards an Approach of Semantic Access Control for Cloud Computing. LNCS. Springer-Verlag Berlin Heidelberg. 2009, 5931, 145–156.
  • Yuh-Jong Hu and Win-Nan Wu and Jiun-Jan Yang. Semantics- enabled Policies for Super-Peer Data Integration and Protection. International Journal of Computer Science and Applications. 2012, 9(1), 23 – 49.
  • Antonios Gouglidis, Ioannis Mavridis, Vincent C. Hu. Security policy verification for multi-domains in cloud systems. International Journal of Information Security. Springer. 2014 Volume 13, 97-111
  • Chang Choi, Junho Choi, Byeongkyu Ko, Kunseok Oh, Pankoo Kim. A Design of Onto-ACM(Ontology based Access Control Model) in Cloud Computing Environments. Journal of Internet Services and Information Security (JISIS). 2012, volume: 2, 54-64.
  • Chang Choi, Junho Choi, Byeongkyu Ko, Kunseok Oh, Pankoo Kim. Ontology-based access control model for security policy reasoning in cloud computing. Journal of SuperComputing. 2014, 67(3), 711-722.
  • Hong Sun, Xueqin Zhang, Chunhua G. Role-based Access Control Using Ontology in Cloud Storage. International Journal of Grid and Distribution Computing. 2014 7(3), 1-12.
  • Jingwei Huang, David M Nicol. Trust mechanisms for cloud computing. Springer Open Journal of Cloud Computing. August 2012, 2(9).
  • Hongxin Hu, Gail-Joon Ahn, Ketan Kulkarni. Discovery and Resolution of Anomalies in Web Access Control Policies. Transactions on Dependable and Secure Computing. 2013 November-December, 10(6),341-354.
  • Li X, Shi Y, Guo Y, Ma W. Multi-tenancy based access control in cloud. In: Proceedings of the International Conference on Computational Intelligence and Software Engineering (CiSE). 2010, 1–4
  • Nai Wei Lo, Ta Chih Yang Ming Huang Guo. An Attribute- Role Based Access Control Mechanism for Multi-tenancy Cloud Environment. Wireless Pers Commun, Springer Science+Business Media, New York. 2015
  • Zhenji Zhou, Lifa Wu, Zheng Hong. Context-Aware Access Control Model for Cloud Computing. International Journal of Grid and Distribution Computing. 2013 6(6), 1-12.
  • Sanka S, Hota C, Rajarajan M. Secure Data Access in Cloud Computing. In: Proceedings of the IEEE 4th International Conference on Internet Multimedia Services Architecture and Applications (IMSAA), 2010.
  • S. Vigneshwari, M. Aramudhan. Social Information Retrieval Based on Semantic Annotation and Hashing upon the Multiple Ontologies. Indian Journal of Science and Technology, 2015 Jan, 8(2), Doi no: 10.17485/ijst/2015/ v8i2/57771.


  • There are currently no refbacks.

Creative Commons License
This work is licensed under a Creative Commons Attribution 3.0 License.