Authors: Nadya El Moussaid; Maryam El Azhari
Addresses: ENSA, Ibn Zoher University, Agadir, Morocco ' ENSA, Ibn Zoher University, Agadir, Morocco
Abstract: The fact, that users are connected from different devices to cloud computing and storage services via some particular authentication mechanisms. However, when it comes to credential information such as the login and password, they are most likely to be intrusively utilised without necessarily been detected. Hence, the security policy of cloud computing has to manage both access control and viral analysis so that to guarantee security properties of tenants and organisations. The main purpose of this paper is to enhance the security properties by formulating them in a dynamic way through analysing the behaviour of entities and associate them with a trust level and security class. For this reason, we have implemented a security policy which the main role is to create a template, in order to guarantee the security properties namely the confidentiality, integrity and availability (CIA). Our results obtained during our experiments show the efficiency of our approach in terms of the classification and the real-time detection rate which reaches up to 95%.
Keywords: cloud computing; security; security properties; information flow control; security policy; access control model; security policy template; information security; computer security.
International Journal of Electronic Business, 2020 Vol.15 No.3, pp.249 - 274
Received: 05 Dec 2017
Accepted: 30 Dec 2018
Published online: 13 Aug 2020 *