Self-protecting documents for cloud storage security

Proc. of the 11th IEEE Int. Conference on Trust, Security and Privacy in Computing and Communications, TrustCom-2012 - 11th IEEE Int. Conference on Ubiquitous Computing and Communications, IUCC-2012

Volumn , Issue , 2012, Pages 1231-1238

  Munier, Manuel ^a   Lalanne, Vincent ^a   Ricarde, Magali ^b  

^a UNIVERSITÉ DE PAU ET DES PAYS DE L'ADOUR   (France)

^b BackPlan Company   (France)

Author keywords

autonomic document; cloud storage security; E DRM; self protecting document; usage control

Indexed keywords

AUTONOMIC DOCUMENT; E-DRM; SELF PROTECTING; STORAGE SECURITY; USAGE CONTROL;

ACCESS CONTROL; INDUSTRY; INFORMATION SYSTEMS; UBIQUITOUS COMPUTING;

NETWORK SECURITY;

EID: 84868131868     PISSN: None     EISSN: None     Source Type: Conference Proceeding    
DOI: 10.1109/TrustCom.2012.261     Document Type: Conference Paper

References (25)

1. X. Zhang, H.-t. Du, J.-q. Chen, Y. Lin, and L.-j. Zeng, "Ensure data security in cloud storage," 2011 International Conference on Network Computing and Information Security, pp. 284-287, 2011.
2. J.-J. Hwang, H.-K. Chuang, Y.-C. Hsu, and C.-H. Wu, "A business model for cloud computing based on a separate encryption and decryption service," Information Science and Applications, International Conference on, vol. 0, pp. 1-7, 2011.
3. T. Mather, S. Kumaraswamy, and S. Latif, Cloud Security and Privacy, M. Loukides, Ed. O'Reilly, 2009, vol. 1, no. 11.
4. J. Wu, L. Ping, X. Ge, Y. Wang, and J. Fu, "Cloud storage as the infrastructure of cloud computing," 2010 International Conference on Intelligent Computing and Cognitive Informatics, pp. 380-383, 2010.
5. B. Grobauer, T. Walloschek, and E. Stocker, "Understanding cloud computing vulnerabilities," IEEE Security Privacy Magazine, vol. 9, no. 2, pp. 50-57, 2011.
6. K. Dahbur, B. Mohammad, and A. B. Tarakji, "A survey of risks , threats and vulnerabilities in cloud computing," Computing, pp. 1-6, 2011.
7. F. Sabahi, "Cloud computing security threats and responses," Computer Engineering, pp. 245-249, 2011.
8. M. Munier, "A multi-view approach for embedded information system security," in CRiSIS. IEEE, 2010, pp. 65-72.
9. A. A. E. Kalam, S. Benferhat, A. Miège, R. E. Baida, F. Cuppens, C. Saurel, P. Balbiani, Y. Deswarte, and G. Trouessin, "Organization based access control," in POLICY. IEEE Computer Society, 2003, pp. 120-131.
10. Y. Elrakaiby, F. Cuppens, and N. Cuppens-Boulahia, "From contextual permission to dynamic pre-obligation: An integrated approach," in ARES. IEEE Computer Society, 2010, pp. 70-78.
11. F. Cuppens and N. Cuppens-Boulahia, "Modeling contextual security policies," Int. J. Inf. Sec., vol. 7, no. 4, pp. 285-305, 2008.
12. F. Cuppens and A. Miège, "Modelling contexts in the or-bac model," in ACSAC. IEEE Computer Society, 2003, pp. 416-427.
13. M. L. Damiani, E. Bertino, B. Catania, and P. Perlasca, "Georbac: A spatially aware rbac," ACM Trans. Inf. Syst. Secur., vol. 10, no. 1, 2007.
14. E. Bertino, P. A. Bonatti, and E. Ferrari, "Trbac: A temporal role-based access control model," ACM Trans. Inf. Syst. Secur., vol. 4, no. 3, pp. 191-233, 2001.
15. C. K. Georgiadis, I. Mavridis, G. Pangalos, and R. K. Thomas, "Flexible team-based access control using contexts," in SACMAT, 2001, pp. 21-27.
16. D. G. Cholewka, R. A. Botha, and J. H. P. Eloff, "A context-sensitive access control model and prototype implementation," in SEC, ser. IFIP Conference Proceedings, S. Qing and J. H. P. Eloff, Eds., vol. 175. Kluwer, 2000, pp. 341-350.
17. E. Bertino, E. Ferrari, and V. Atluri, "The specification and enforcement of authorization constraints in workflow management systems," ACM Trans. Inf. Syst. Secur., vol. 2, no. 1, pp. 65-104, 1999.
18. E. Bertino and H.-S. Lim, "Assuring data trustworthiness - concepts and research challenges," in Secure Data Management, ser. Lecture Notes in Computer Science, W. Jonker and M. Petkovic, Eds., vol. 6358. Springer, 2010, pp. 1-12.
19. Xingyu Zheng and Patrick Maillé and Cam Tu Phan Le and Stephane Morucci, "Trust mechanisms for efficiency improvement in collaborative working environments," in MASCOTS. IEEE, 2010, pp. 465-467.
20. C. T. P. Le, F. Cuppens, N. Cuppens-Boulahia, and P. Maillé, "Evaluating the trustworthiness of contributors in a collaborative environment," in CollaborateCom, ser. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, E. Bertino and J. B. D. Joshi, Eds., vol. 10. Springer, 2008, pp. 451-460.
21. M. Munier, K. Benali, and C. Godart, "Discoo, a really distributed system for cooperation," Networking and Information Systems, vol. 2, no. 5-6, pp. 605-637, 1999.
22. M. Munier, K. Benali, and C.Godart, "A transactional approach for cross-organizational cooperation," in GlobeComm99 (Enterprise Applications and Services Symposium), december 1999.
23. ISO/IEC, "ISO/IEC 27005:2011: Information technology - security techniques - information security risk management," International Organization for Standardization, Geneva, Switzerland, Published, 2011.
24. M. Ben-Ghorbel-Talbi, F. Cuppens, N. Cuppens-Boulahia, and A. Bouhoula, "A delegation model for extended rbac," Int. J. Inf. Sec., vol. 9, no. 3, pp. 209-236, 2010.
25. J. Thomas, F. Cuppens, and N. Cuppens, "Environmental constraints management in digital right licences," in SARSSI 2008 : 3ème Conférence sur la Sécurité des Architectures Réseaux et des Systèmes d'Information, 13-17 octobre, Loctudy, France, Publibook, Ed. 75015 Paris: RSM - Dépt. Réseaux, Sécurité et Multimédia (Institut TELECOM ; TELECOM Bretagne), 2008, pp. 85-99.