A Thorough Trust and Reputation Based RBAC Model for Secure Data Storage in the Cloud

• Published in: IEEE transactions on parallel and distributed systems Vol. 30; no. 4; pp. 778 - 788
• Main Authors: Ghafoorian, Mahdi, Abbasinezhad-Mood, Dariush, Shakeri, Hassan
• Format: Journal Article
• Language: English
• Published: New York IEEE 01.04.2019; The Institute of Electrical and Electronics Engineers, Inc. (IEEE)
• Subjects: Access control; Cloud computing; Computational modeling; Cybersecurity; Data storage; Measurement; Memory; reputation; role-based access control (RBAC); trust management system (TMS)
• ISSN: 1045-9219; 1558-2183
• DOI: 10.1109/TPDS.2018.2870652

Cloud computing is a widespread technology, which has attracted much attention nowadays. Among the many criteria that must be considered for data storage in the cloud, access control plays a vital role. Role-based access control (RBAC) is a well-known technique for secure data storage in the cloud. Since the traditional RBAC models are improper for open and decentralized environments, recently, some works have integrated the trust concept into the RBAC model. Nevertheless, they have not fully addressed the required security metrics of a trust-based system. Therefore, in this paper, we first introduce the security goals that should be considered in an efficient trust-based system. Second, we propose a novel trust and reputation based RBAC model that not only can properly withstand the security threats of trust-based RBAC models, but also is scalable as it has reasonable execution time. Third, we evaluate the proposed model using the famous trust network of advogato dataset. Eventually, we compare the proposed model with recently-published ones in terms of mean absolute error, execution time of indirect trust computation, and provided features. The achieved results are indicative of the priority of the proposed model to be employed in real cloud environments.