An adaptive formal parallel technique with reputation integration for the enforcement of security policy in the cloud environment

Abstract

Protecting sensitive data from unauthorized users is a major challenge while sharing data via cloud storage. This has been the objective of mechanisms to control access. This paper proposes an adaptive formal technique for security policy enforcement in Cloud environment. In this approach, the actions of the user performed in the cloud are modeled as a process algebra expression, with a new variant of Algebra Communication Process ACP, with reputation integration. Security policies are expressed by logical formula. Our system enables us to check whether the process meets the security policy and the reputation limit that is required. If it does not, automatic enforcement generates a new process that satisfies a security policy. To prove the efficacy of our security policy enforcement, a software prototype has been implemented and evaluate. The results show a decrease in computation costs and an improvement in cloud defense against insider attacks. It demonstrates also, that our solution outperforms SKMFA-SC (Prabha and Saraswathi, 2020), SEAPP (Hu et al., 2021), FDAC-TR (Yan et al., 2017), RMTAC (Lin et al., 2015), RRAC (Amoon et al., 2020) and DTRM (Lin et al., 2018) in terms of unauthorized access blocking rate, false positive and negative rates, average reputation evaluation accuracy rate, and average response system time.