Skip to main content

A privacy preserving authorisation system for the cloud

Chadwick, David W., Fatema, Kaniz (2012) A privacy preserving authorisation system for the cloud. Journal of Computer and System Sciences, 78 (5). pp. 1359-1373. ISSN 0022-0000. (doi:10.1016/j.jcss.2011.12.019) (KAR id:31975)


In this paper we describe a policy based authorisation infrastructure that a cloud provider can run as an infrastructure service for its users. It will protect the privacy of users’ data by allowing the users to set their own privacy policies, and then enforcing them so that no unauthorised access is allowed to their data. The infrastructure ensures that the users’ privacy policies are stuck to their data, so that access will always be controlled by the policies even if the data is transferred between cloud providers or services. This infrastructure also ensures the enforcement of privacy policies which may be written in different policy languages by multiple authorities such as: legal, data subject, data issuer and data controller. A conflict resolution strategy is presented which resolves conflicts among the decisions returned by the different policy decision points (PDPs). The performance figures are presented which show that the system performs well and that each additional PDP only imposes a small overhead.

Item Type: Article
DOI/Identification number: 10.1016/j.jcss.2011.12.019
Uncontrolled keywords: Policy decision point; Privacy policies; Sticky policies; Credential validation service; Obligations; Cloud security
Subjects: Q Science > QA Mathematics (inc Computing science) > QA 76 Software, computer programming,
Divisions: Divisions > Division of Computing, Engineering and Mathematical Sciences > School of Computing
Depositing User: David Chadwick
Date Deposited: 25 Oct 2012 16:22 UTC
Last Modified: 16 Nov 2021 10:09 UTC
Resource URI: (The current URI for this page, for reference purposes)

University of Kent Author Information

  • Depositors only (login required):

Total unique views for this document in KAR since July 2020. For more details click on the image.