Publication Type:

Journal Article


Communications in Computer and Information Science, Volume 190 CCIS, Number PART 1, Kochi, p.488-500 (2011)





Access control, Access control mechanism, Cloud computing, Cloud providers, Computer systems, Confidential information, Direct control, Elasticity, Hypervisor, Insider attack, Insider Threat, Security, Security and privacy, Security policy, Security systems, Security threats, System administrators, System maintenance, Third parties


Cloud computing is becoming popular due to its ability to provide dynamic scalability and elasticity of resources at affordable cost. In spite of these advantages key concerns that prevent large scale adoption of cloud computing today are related to security and privacy of customer's data in the cloud. The main security concerns of clients are loss of direct control of their data and being forced to trust a third party provider with confidential information. Among security threats in the cloud, insider threats pose a serious risk to clients. This paper presents a new access control mechanism that can mitigate security threats in the cloud including those caused by insiders, such as malicious system administrators. The problem is challenging because the cloud provider's system administrators have elevated privileges for performing genuine system maintenance and administration tasks. We describe an access control mechanism that generates immutable security policies for a client, propagates and enforces them at the provider's infrastructure. © 2011 Springer-Verlag.


cited By (since 1996)1; Conference of org.apache.xalan.xsltc.dom.DOMAdapter@2fbc1f0c ; Conference Date: org.apache.xalan.xsltc.dom.DOMAdapter@679a654f Through org.apache.xalan.xsltc.dom.DOMAdapter@49715aac; Conference Code:86007

Cite this Research Publication

Sa Sundararajan, Narayanan, Ha, Pavithran, Va, Vorungati, Kb, and Dr. Achuthan, K., “Preventing insider attacks in the cloud”, Communications in Computer and Information Science, vol. 190 CCIS, pp. 488-500, 2011.