Imatge de la portada

Machine Learning-Driven Security and Privacy Analysis of a Dummy-ABAC Model for Cloud Computing

Guardat en:
Publicat a:Computers vol. 14, no. 10 (2025), p. 420-441
Autor principal: Baby, Marina
Altres autors: Memon Irfana, Alvi, Fizza Abbas, Rajput Ubaidullah, Nabi Mairaj
Publicat:
MDPI AG
Matèries:
Machine learning
Datasets
Cloud computing
Privacy
Inference
Mapping
Access control
Cybersecurity
Cardiology
Decisions
Accés en línia:Citation/Abstract
Full Text + Graphics
Full Text - PDF
Etiquetes: Afegir etiqueta
Sense etiquetes, Sigues el primer a etiquetar aquest registre!
Resum:The Attribute-Based Access Control (ABAC) model provides access control decisions based on subject, object (resource), and contextual attributes. However, the use of sensitive attributes in access control decisions poses many security and privacy challenges, particularly in cloud environment where third parties are involved. To address this shortcoming, we present a novel privacy-preserving Dummy-ABAC model that obfuscates real attributes with dummy attributes before transmission to the cloud server. In the proposed model, only dummy attributes are stored in the cloud database, whereas real attributes and mapping tokens are stored in a local machine database. Only dummy attributes are used for the access request evaluation in the cloud, and real data are retrieved in the post-decision mechanism using secure tokens. The security of the proposed model was assessed using a simulated threat scenario, including attribute inference, policy injection, and reverse mapping attacks. Experimental evaluation using machine learning classifiers (“DecisionTree” DT, “RandomForest” RF), demonstrated that inference accuracy dropped from ~0.65 on real attributes to ~0.25 on dummy attributes confirming improved resistance to inference attacks. Furthermore, the model rejects malformed and unauthorized policies. Performance analysis of dummy generation, token generation, encoding, and nearest-neighbor search, demonstrated minimal latency in both local and cloud environments. Overall, the proposed model ensures an efficient, secure, and privacy-preserving access control in cloud environments.
ISSN:2073-431X
DOI:10.3390/computers14100420
Font:Advanced Technologies & Aerospace Database