Abstract

There have been several attempts in the literature to develop access control techniques to stem data security problems. Many of these techniques have been found to have one deficiency or another. Hence, this study developed a Symbolic Attribute-Based Access Control (SABAC) system for data security in the cloud service environment. The SABAC system was implemented by developing a Hash-tag Symbol Authentication (HSA) algorithm using the Message Digest-5 encryption. SABAC utilizes a 3-Tier continuous authentication method by combining the use of username and password, HSA code, and real-time image monitoring and verification. The HSA code is generated by combining 5-tuple user attributes and the string generated from the user’s image using an Obfuscation Technique. The concatenated string is converted to hexadecimal, which serves as input to MD5 to produce a unique HSA code. SABAC was evaluated using three major security metrics of confidentiality, integrity, and availability. The result of security metrics tests showed a confidence level of 99.993%, integrity threshold of 99.998%, and availability throughput of 150 users/second. This implies that SABAC is highly efficient for cloud data security. It shows that hackers would find it impossible to match any fake identity with a valid HSA in the database. The study concluded that SABAC could be used for access control in a cloud environment for assuring data security. It was recommended that the SABAC system should be adopted by Cloud Solution Providers and Security Specialists.
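The HSA derivation described in the abstract (concatenate, hex-encode, MD5), as an added sketch that is not the paper's own code. The field names, sample values, the delimiter-free concatenation and the `hsa_code_framed` variant (length-prefixed fields under HMAC-SHA-256) are assumptions; the variant is shown because the way fields are joined decides whether two different attribute sets can map to the same code.

```python
import hashlib
import hmac

# Assumed field names: the abstract says only "5-tuple user attributes".
FIELDS = ("username", "email", "role", "department", "phone")

def hsa_code(attrs, image_string):
    """Concatenate attributes and image string, hex-encode, then MD5."""
    joined = "".join(attrs[f] for f in FIELDS) + image_string
    hex_input = joined.encode("utf-8").hex()       # "converted to hexadecimal"
    return hashlib.md5(hex_input.encode("ascii")).hexdigest()

def hsa_code_framed(attrs, image_string, server_key):
    """Assumed variant, not from the paper: each field is length-prefixed so
    field boundaries are part of the input, and the digest is a keyed
    HMAC-SHA-256 instead of bare MD5."""
    msg = b""
    for value in [attrs[f] for f in FIELDS] + [image_string]:
        raw = value.encode("utf-8")
        msg += len(raw).to_bytes(4, "big") + raw
    return hmac.new(server_key, msg, hashlib.sha256).hexdigest()

def verify(stored_code, presented_code):
    """Constant-time comparison of a presented code with the stored one."""
    return hmac.compare_digest(stored_code, presented_code)

# Constructed sample data: two attribute sets that differ only in where the
# role/department boundary falls.
USER_A = {"username": "tunde", "email": "t@example.org",
          "role": "admin", "department": "ops", "phone": "0100"}
USER_B = dict(USER_A, role="adm", department="inops")
IMAGE_STRING = "9f2c41ab"            # stand-in for the image-derived string
SERVER_KEY = b"constructed-demo-key"

if __name__ == "__main__":
    print("plain :", hsa_code(USER_A, IMAGE_STRING), hsa_code(USER_B, IMAGE_STRING))
    print("framed:", hsa_code_framed(USER_A, IMAGE_STRING, SERVER_KEY)[:16],
          hsa_code_framed(USER_B, IMAGE_STRING, SERVER_KEY)[:16])
```

With plain concatenation the two constructed users produce the same code, while the length-prefixed form separates them.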

Highlights

  • In the conventional form of computing, the cost of setting up computer services is very high, including infrastructure maintenance, technical training, software licensing, and upgrading costs

  • Symbolic Attribute-Based Access Control (SABAC) system was implemented by developing Hash-tag Symbol Authentication (HSA) algorithm using the Message Digest-5 encryption

  • Attribute-Based Access Control (ABAC) leveraged authorization more than authentication [5]; we proposed a new system that is authentication-based


Summary

Introduction

In the conventional form of computing, the cost of setting up computer services is very high, including infrastructure maintenance, technical training, software licensing, and upgrading costs. The way information communication technology systems are managed has changed with improved technology. This has resulted in a dramatic reduction in the cost of computing services and operation. ABAC is characterized by NIST as an access management system where approvals are granted or refused on the basis of attributes assigned to the subjects, objects, and environment, and a collection of policies specifying the attributes [6]. ABAC is made up of Constraint, Permission, Object, Subjects and Users. In some cases the ABAC model consists of entities called subjects, which can be a device, program, mechanism, user, etc. An object could be a resource to be accessed by a user. The user needs to be assigned attributes to identify permission to access the services.
