Title: Enhance the security properties and information flow control

Authors: Nadya El Moussaid; Maryam El Azhari

Addresses: ENSA, Ibn Zoher University, Agadir, Morocco ' ENSA, Ibn Zoher University, Agadir, Morocco

Abstract: The fact, that users are connected from different devices to cloud computing and storage services via some particular authentication mechanisms. However, when it comes to credential information such as the login and password, they are most likely to be intrusively utilised without necessarily been detected. Hence, the security policy of cloud computing has to manage both access control and viral analysis so that to guarantee security properties of tenants and organisations. The main purpose of this paper is to enhance the security properties by formulating them in a dynamic way through analysing the behaviour of entities and associate them with a trust level and security class. For this reason, we have implemented a security policy which the main role is to create a template, in order to guarantee the security properties namely the confidentiality, integrity and availability (CIA). Our results obtained during our experiments show the efficiency of our approach in terms of the classification and the real-time detection rate which reaches up to 95%.

Keywords: cloud computing; security; security properties; information flow control; security policy; access control model; security policy template; information security; computer security.

DOI: 10.1504/IJEB.2020.10031258

International Journal of Electronic Business, 2020 Vol.15 No.3, pp.249 - 274

Received: 05 Dec 2017
Accepted: 30 Dec 2018

Published online: 19 Aug 2020 *

Full-text access for editors Access for subscribers Purchase this article Comment on this article