SECURITY AND DATA ACCESS CONTROL MODEL IN CLOUD SERVICES BASED ON THE IDENTITY AND ACCESS MANAGEMENT MECHANISM
DOI:
https://doi.org/10.18372/2225-5036.30.18575Keywords:
security model, IAM, cloud technologies, authentication, authorization, monitoring, auditing, access managementAbstract
Implementation of cloud services has provided the opportunity to utilize powerful resources and ensure data storage in a secure location with fast accessibility. However, it has become a significant source of risk not only from external attackers but also from internal threats. At the same time, the rapid increase in the use of cloud services in organizations has caused an urgent need to develop an effective security model and control access to data stored in the clouds, as new vulnerabilities associated with their use appear. The research focuses on investigating the IAM mechanism, as well as technologies and standards widely used for data access control and monitoring of information security incidents. A security and access control model has been developed, as well as recommendations for improving the system. Developing a security model based on IAM allows you to set strict data access rules, limit user privileges, and provide protection against unauthorized access. Also, the model allows users to be identified, authenticated and authorized, as well as control their access to various resources and functions of the cloud service, reducing the risk of security incidents.
References
Rayapati, Siri & Muttavarapu, Sravya & Nagasuri, Navya & Singhal, Sunita. (2023). Security in Cloud Technologies: A Brief Overview. pp. 683-695. 10.4028/p-4pq758.
Kizza, Joseph. (2024). Cloud Computing Technology and Security. 10.1007/978-3-031-47549-8_23.
"Identity Access Management (IAM) System", TechTarget [Електронний ресурс]: https://www.techtarget.com/searchsecurity/definition/identity-access-management-IAM-system.
Kumar, Akhil & Vesireddy, Akhil Kumar Reddy & Shetty, Sharan. (2023). Cloud computing security issues in delivery service models and solutions. 10.13140/RG. 2.2.23286.98882.
Rizvi, Zainab & Khan, Chaudry & O'Sullivan, Michael. (2023). Analytical hierarchy process model for managing cloud security. Information & Computer Security. 32. 10.1108/ICS-07-2022-0121.
Awadh, Wed & Alasady, Ali & Hashim, Mohammed. (2023). A multilayer model to enhance data security in cloud computing. Indonesian Journal of Electrical Engineering and Computer Science. 32. pp. 1105-1114. 1105. 10.11591/ijeecs.v32.i2.
Malleswari, B. & Kolachalama, Rakshita & Srivallii, Voruganty. (2023). Performance Evaluation of ML-Based AWS Security Evaluation Model for Cloud Computing. 10.1007/978-981-99-1588-0_59.
Vakhula, O., Opirskyy, I., Mykhaylova, O. Research on Security Challenges in Cloud Environments and Solutions based on the security-as-Code Approach, Workshop on Cybersecurity Providing in Information and Telecommunication Systems II, vol. 3550, (2023), pp. 55-69.
Shevchuk, D., Harasymchuk, O., Partyka, A., Korshun N. Designing Secured Services for Authentication, Authorization, and Accounting of Users, Work-shop on Cybersecurity Providing in Information and Telecommunication Systems II, vol. 3550, (2023), pp. 217-225.
Solanki, Madan & Tokekar, Vrinda. (2022). Design and Implementation of Strong Security Architecture for Amazon Web Service based on Cloud Appli-cations. International Journal of Innovative Technology and Exploring Engineering. 11. 17-22. 10.35940/ijitee.L9324.11111222.
Identity Access Management (IAM) System, TechTarget [Електронний ресурс]: https://www.techtarget.com / searchsecurity / definition / identity-access-management-IAM-system.
Identity and Access Management, Cloud Computing Patterns [Електронний ресурс]: https://patterns.arcitura.com/cloud-computing-pat-terns/mechanisms/identity_and_access_management.
Elisa Bertino; Kenji Takahashi, Identity Man-agement: Concepts, Technologies, and Systems, Artech, 2010.
"Integrated Identity and Access Management Architectural Patterns", Huihoo Open Source Community [Електронний ресурс]: https://book.huihoo.com/ ibm-redbooks/security/redp4423-integrated-identity-and-access-management-architectural-patterns.pdf.
Integrated Identity and Access Management Architectural Patterns, IBM Redbooks [Електронний ресурс]: https: //www.ibm.com / downloads / cas /9YBEK41O.
Top Cloud Security Issues, Threats, and Con-cerns, Check Point Software Technologies Ltd. [Електронний ресурс]: https: // www.checkpoint.com / cyber-hub/cloud-security/what-is-cloud-security/top-cloud-security-issues-threats-and-concerns/.
Dubey, Parul & Tiwari, Arvind & Raja, Rohit. (2023). Introduction To Cloud Computing and AWS. 10.2174/9789815165821123010002.
Gandhi, Raj & Shahji, Vivek & Kamble, Nitin. (2021). Access Control Model Based on AWS IAM. International Journal of Innovative Research in Com-puter and Communication Engineering. 9. 14508. 10.15680 / IJIRCCE.2021.0911024.
How to Build an Identity and Access Man-agement Architecture, RSI Security [Електронний ресурс]: https://blog.rsisecurity.com/how-to-build-an-identity-and-access-management-architecture/.
Identity and Access Management Benefits, Identity Management Institute [Електронний ресурс]: https://identitymanagementinstitute.org/identity-and-access-management-benefits/.
Malleswari, B. & Kolachalama, Rakshita & Srivallii, Voruganty. (2023). Performance Evaluation of ML-Based AWS Security Evaluation Model for Cloud Computing. 10.1007/978-981-99-1588-0_59.
Ramadevi, J. & Dhar, M. & Kasiviswanad-ham, Y. & Majji, Sankararao & Kapila, Dhiraj. (2023). Cloud Infrastructure Security Using a Hybrid AES En-cryption Model. 10.1007/978-981-99-1726-6_24.
Carrera, Gary. (2021). BUILDING A COM-PREHENSIVE CLOUD SECURITY AUDIT PROGRAM. EDPACS. 66. 1-4. 10.1080/07366981.2021.2004689.
Dubey, Parul & Tiwari, Arvind & Raja, Rohit. (2023). Identity and Access Management in AWS. 10. 2174/9789815165821123010003.
Munteanu, Victor & Edmonds, Andy & Boh-nert, Thomas & Fortiş, Teodor-Florin. (2015). Cloud Incident Management, Challenges, Research Direc-tions, and Architectural Approach. Proceedings, 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing, UCC 2014. 786-791. 10.1109/UCC.2014.128.