{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,20]],"date-time":"2025-11-20T18:53:28Z","timestamp":1763664808599,"version":"3.37.3"},"reference-count":40,"publisher":"Springer Science and Business Media LLC","issue":"2-3","license":[{"start":{"date-parts":[[2022,3,31]],"date-time":"2022-03-31T00:00:00Z","timestamp":1648684800000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2022,3,31]],"date-time":"2022-03-31T00:00:00Z","timestamp":1648684800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"funder":[{"DOI":"10.13039\/501100002386","name":"Cairo University","doi-asserted-by":"crossref","id":[{"id":"10.13039\/501100002386","id-type":"DOI","asserted-by":"crossref"}]}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Distrib Parallel Databases"],"published-print":{"date-parts":[[2022,9]]},"abstract":"<jats:title>Abstract<\/jats:title><jats:p>The collaboration among different organizations is considered one of the main benefits of moving applications and services to a cloud computing environment. Unfortunately, this collaboration raises many challenges such as the access of sensitive resources by unauthorized people. Usually, Role-Based Access-Control (RBAC) model is deployed in large organizations. This paper addresses the scalability problem of the online stored rules. This problem affects the performance of the access control system due to increasing number of shared resources and\/or number of collaborating organizations in the same cloud environment. Therefore, this paper proposes replacing the cross-domain RBAC rules with Role-To-Role (RTR) mapping rules among all organizations. The RTR mapping rules are generated using a newly proposed Role-Mapping algorithm. A comparative study is performed to evaluate the proposed algorithm\u2019s performance with concerning the Rule-Store size and the authorization response time. According to the results, it is found that the proposed algorithm reduces the number of stored rules which minimizes the Rule-Store size and reduces the authorization response time. Additionally, this paper proposes applying a concurrent approach on the RTR mapping model using the proposed Role-Mapping algorithm to achieve more savings in the authorization response time. Therefore, it will be suitable in highly-collaborative cloud environments.<\/jats:p>","DOI":"10.1007\/s10619-022-07407-9","type":"journal-article","created":{"date-parts":[[2022,3,31]],"date-time":"2022-03-31T04:02:45Z","timestamp":1648699365000},"page":"521-558","update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":4,"title":["A novel role-mapping algorithm for enhancing highly collaborative access control system"],"prefix":"10.1007","volume":"40","author":[{"given":"Doaa","family":"Abdelfattah","sequence":"first","affiliation":[]},{"given":"Hesham A.","family":"Hassan","sequence":"additional","affiliation":[]},{"given":"Fatma A.","family":"Omara","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2022,3,31]]},"reference":[{"issue":"2","key":"7407_CR1","doi-asserted-by":"publisher","first-page":"137","DOI":"10.1007\/s00354-008-0081-5","volume":"28","author":"L Wang","year":"2010","unstructured":"Wang, L., et al.: Cloud computing: a perspective study. N. Gener. Comput. 28(2), 137\u2013146 (2010). https:\/\/doi.org\/10.1007\/s00354-008-0081-5","journal-title":"N. Gener. Comput."},{"key":"7407_CR2","unstructured":"Office of Management and Budget, \u201cFederal cloud computing strategy,\u201d Office of Management and Budget, 2019. https:\/\/cloud.cio.gov\/. Accessed 1 May 2019"},{"key":"7407_CR3","doi-asserted-by":"publisher","unstructured":"Zhang, R., Liu, L.: Security models and requirements for healthcare application clouds. In 2010 IEEE 3rd international conference on cloud computing, pp. 268\u2013275 (2010). https:\/\/doi.org\/10.1109\/CLOUD.2010.62","DOI":"10.1109\/CLOUD.2010.62"},{"issue":"1","key":"7407_CR4","first-page":"1","volume":"6","author":"G Gopalan","year":"2009","unstructured":"Gopalan, G., Negi, A., Sastry, V.N.: A cross-domain role mapping and authorization framework for RBAC in grid systems. Int. J. Comput. Sci. Appl. 6(1), 1\u201312 (2009)","journal-title":"Int. J. Comput. Sci. Appl."},{"issue":"3","key":"7407_CR5","doi-asserted-by":"publisher","first-page":"132","DOI":"10.14445\/22312803\/IJCTT-V29P123","volume":"29","author":"U Kaur","year":"2015","unstructured":"Kaur, U., Singh, D.: Comparative analysis of access control models. Int. J. Comput. Trends Technol. 29(3), 132\u2013135 (2015). https:\/\/doi.org\/10.14445\/22312803\/IJCTT-V29P123","journal-title":"Int. J. Comput. Trends Technol."},{"key":"7407_CR6","first-page":"259","volume":"7","author":"T Mudarri","year":"2015","unstructured":"Mudarri, T., Al-Rabeei, S.A.: Security fundamentals: access control models. Int. J. Interdiscip. Theory Pract. 7, 259\u2013262 (2015)","journal-title":"Int. J. Interdiscip. Theory Pract."},{"issue":"1","key":"7407_CR7","doi-asserted-by":"publisher","first-page":"5","DOI":"10.1186\/1869-0238-4-5","volume":"4","author":"K Hashizume","year":"2013","unstructured":"Hashizume, K., Rosado, D.G., Fern\u00e1ndez-Medina, E., Fernandez, E.B.: An analysis of security issues for cloud computing. J. Internet Serv. Appl. 4(1), 5 (2013). https:\/\/doi.org\/10.1186\/1869-0238-4-5","journal-title":"J. Internet Serv. Appl."},{"key":"7407_CR8","unstructured":"Howell, J., Kotz, D.: End-to-end authorization. In: Proceedings of the 4th conference on symposium on operating system design & implementation (2000)"},{"issue":"6","key":"7407_CR9","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MSP.2010.186","volume":"8","author":"H Takabi","year":"2010","unstructured":"Takabi, H., Joshi, J.B.D., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Secur. Priv. Mag. 8(6), 24\u201331 (2010). https:\/\/doi.org\/10.1109\/MSP.2010.186","journal-title":"IEEE Secur. Priv. Mag."},{"key":"7407_CR10","doi-asserted-by":"publisher","DOI":"10.11591\/closer.v2i2.1665","author":"S Gerges","year":"2013","unstructured":"Gerges, S., Khattab, S., Hassan, H., Omara, F.A.: Scalable multi-tenant authorization in highly-collaborative cloud applications. Int. J. Cloud Comput. Serv. Sci. (2013). https:\/\/doi.org\/10.11591\/closer.v2i2.1665","journal-title":"Int. J. Cloud Comput. Serv. Sci."},{"key":"7407_CR11","doi-asserted-by":"publisher","unstructured":"Tang, B., Li, Q., Sandhu, R.: A multi-tenant RBAC model for collaborative cloud services. In: 2013 eleventh annual conference on privacy, security and trust, pp. 229\u2013238 (2013). https:\/\/doi.org\/10.1109\/PST.2013.6596058","DOI":"10.1109\/PST.2013.6596058"},{"issue":"6","key":"7407_CR12","doi-asserted-by":"publisher","first-page":"48","DOI":"10.1109\/MSP.2010.194","volume":"8","author":"JMA Calero","year":"2010","unstructured":"Calero, J.M.A., Edwards, N., Kirschnick, J., Wilcock, L., Wray, M.: Toward a multi-tenancy authorization system for cloud services. IEEE Secur. Privacy Mag. 8(6), 48\u201355 (2010). https:\/\/doi.org\/10.1109\/MSP.2010.194","journal-title":"IEEE Secur. Privacy Mag."},{"issue":"3","key":"7407_CR13","doi-asserted-by":"publisher","first-page":"159","DOI":"10.1049\/trit.2019.0018","volume":"4","author":"Z Xinchao","year":"2019","unstructured":"Xinchao, Z., Rui, Li., Xingquan, Z.: Advances on QoS-aware web service selection and composition with nature-inspired computing. CAAI Trans. Intell. Technol. 4(3), 159\u2013174 (2019)","journal-title":"CAAI Trans. Intell. Technol."},{"issue":"10","key":"7407_CR14","doi-asserted-by":"publisher","first-page":"1558","DOI":"10.1049\/iet-com.2016.0777","volume":"11","author":"S Namasudra","year":"2017","unstructured":"Namasudra, S., Roy, P.: Time saving protocol for data accessing in cloud computing. IET Commun.-Inst. Eng. Technol. 11(10), 1558\u20131565 (2017). https:\/\/doi.org\/10.1049\/iet-com.2016.0777","journal-title":"IET Commun.-Inst. Eng. Technol."},{"key":"7407_CR15","doi-asserted-by":"publisher","DOI":"10.1145\/3392665","author":"S Namasudra","year":"2020","unstructured":"Namasudra, S., Chakraborty, R., Majumder, A., Moparthi, N.R.: Securing multimedia by using DNA-based encryption in the cloud computing environment. ACM Trans. Multimedia Comput. Commun. Appl. (2020). https:\/\/doi.org\/10.1145\/3392665","journal-title":"ACM Trans. Multimedia Comput. Commun. Appl."},{"key":"7407_CR16","doi-asserted-by":"publisher","DOI":"10.1002\/cpe.3864","author":"S Namasudra","year":"2016","unstructured":"Namasudra, S., Roy, P.: A new secure authentication scheme for cloud computing environment. Concur. Comput. (2016). https:\/\/doi.org\/10.1002\/cpe.3864","journal-title":"Concur. Comput."},{"issue":"1","key":"7407_CR17","doi-asserted-by":"publisher","first-page":"9","DOI":"10.1049\/trit.2019.0048","volume":"5","author":"RM Alguliyev","year":"2020","unstructured":"Alguliyev, R.M., Aliguliyev, R.M., Sukhostat, L.V.: Efficient algorithm for big data clustering on single machine. CAAI Trans. Intell. Technol. 5(1), 9\u201314 (2020)","journal-title":"CAAI Trans. Intell. Technol."},{"key":"7407_CR18","doi-asserted-by":"publisher","first-page":"90","DOI":"10.1016\/j.future.2017.01.017","volume":"73","author":"S Namasudra","year":"2017","unstructured":"Namasudra, S., Roy, P., Vijayakumar, P., Audithan, S., Balusamy, B.: Time efficient secure DNA based access control model for cloud computing environment. Futur. Gener. Comput. Syst. 73, 90\u2013105 (2017). https:\/\/doi.org\/10.1016\/j.future.2017.01.017","journal-title":"Futur. Gener. Comput. Syst."},{"key":"7407_CR19","doi-asserted-by":"publisher","DOI":"10.1109\/TSC.2020.3046471","author":"S Namasudra","year":"2020","unstructured":"Namasudra, S.: Fast and secure data accessing by using DNA computing for the cloud environment. IEEE Trans. Serv. Comput. India (2020). https:\/\/doi.org\/10.1109\/TSC.2020.3046471","journal-title":"IEEE Trans. Serv. Comput. India"},{"issue":"4","key":"7407_CR20","doi-asserted-by":"publisher","first-page":"223","DOI":"10.1049\/trit.2019.0021","volume":"4","author":"Li Shuai","year":"2019","unstructured":"Shuai, Li., Guoyin, W., Jie, Y.: Survey on cloud model based similarity measure of uncertain concepts. CAAI Trans. Intell. Technol. 4(4), 223\u2013230 (2019)","journal-title":"CAAI Trans. Intell. Technol."},{"issue":"2\u20133","key":"7407_CR21","doi-asserted-by":"publisher","first-page":"91","DOI":"10.1016\/j.cose.2010.10.006","volume":"30","author":"P Rao","year":"2011","unstructured":"Rao, P., Lin, D., Bertino, E., Li, N., Lobo, J.: Fine-grained integration of access control policies. Comput. Secur. 30(2\u20133), 91\u2013107 (2011). https:\/\/doi.org\/10.1016\/j.cose.2010.10.006","journal-title":"Comput. Secur."},{"key":"7407_CR22","doi-asserted-by":"publisher","unstructured":"Alansari, S., Paci, F., Sassone, V.: A distributed access control system for cloud federations. In: 2017 IEEE 37th international conference on distributed computing systems (ICDCS), pp. 2131\u20132136 (2017). https:\/\/doi.org\/10.1109\/ICDCS.2017.241.","DOI":"10.1109\/ICDCS.2017.241"},{"issue":"1","key":"7407_CR23","doi-asserted-by":"publisher","first-page":"45","DOI":"10.1016\/j.jisa.2014.04.003","volume":"19","author":"YA Younis","year":"2014","unstructured":"Younis, Y.A., Kifayat, K., Merabti, M.: An access control model for cloud computing. J. Inf. Secur. Appl. 19(1), 45\u201360 (2014). https:\/\/doi.org\/10.1016\/j.jisa.2014.04.003","journal-title":"J. Inf. Secur. Appl."},{"key":"7407_CR24","unstructured":"Leandro, M.A.P., Nascimento, T.J., dos Santos, D.R., Westphall, C.M., Westphall, C.B.: Multi-tenancy authorization system with federated identity for cloud-based environments using shibboleth. In: ICN 2012: the eleventh international conference on networks, pp. 88\u201393 (2012)"},{"key":"7407_CR25","unstructured":"InCommon, \u201cShibboleth,\u201d InCommon. http:\/\/shibboleth.internet2.edu\/. Accessed 09 Dec 2019"},{"key":"7407_CR26","doi-asserted-by":"publisher","unstructured":"Chen, L., Crampton, J.: Inter-domain role mapping and least privilege. In: Proceedings of the 12th ACM symposium on access control models and technologies - SACMAT \u201907 (2007). https:\/\/doi.org\/10.1145\/1266840.1266866","DOI":"10.1145\/1266840.1266866"},{"key":"7407_CR27","unstructured":"Ferraiolo, D.F., Kuhn, D.R.: Role-based access controls. In: 15th national computer security conference, pp. 554\u2013563 (2009)"},{"issue":"2","key":"7407_CR28","doi-asserted-by":"publisher","first-page":"38","DOI":"10.1109\/2.485845","volume":"29","author":"RS Sandhu","year":"1996","unstructured":"Sandhu, R.S., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-based access control models. Computer 29(2), 38\u201347 (1996). https:\/\/doi.org\/10.1109\/2.485845","journal-title":"Computer"},{"key":"7407_CR29","doi-asserted-by":"publisher","unstructured":"Sandhu, R., Ferraiolo, D., Kuhn, R.: The NIST model for role-based access control. In: Proceedings of the fifth ACM workshop on role-based access control - RBAC \u201900, pp. 47\u201363 (2000). https:\/\/doi.org\/10.1145\/344287.344301","DOI":"10.1145\/344287.344301"},{"key":"7407_CR30","doi-asserted-by":"publisher","unstructured":"Hu, J., Li, R., Lu, Z.: On role mappings for RBAC-based secure interoperation. In: 2009 third international conference on network and system security, pp. 270\u2013277 (2009). https:\/\/doi.org\/10.1109\/NSS.2009.76","DOI":"10.1109\/NSS.2009.76"},{"key":"7407_CR31","doi-asserted-by":"crossref","unstructured":"Kamath, A., Liscano, R., El Saddik, A.: User-credential based role mapping in multi-domain environment. In: The 2006 international conference on privacy, security and trust: bridge the gap between PST technologies and business services, Canada, October 30\u2013November 1 (2006)","DOI":"10.1145\/1501434.1501507"},{"key":"7407_CR32","doi-asserted-by":"crossref","unstructured":"Lv, B., Zhang, D., Mao, R., Yang, H.: A multi-level cross-domain access control model based on role mapping. In: 2016 4th international conference on mechanical materials and manufacturing engineering (2016)","DOI":"10.2991\/mmme-16.2016.53"},{"key":"7407_CR33","doi-asserted-by":"crossref","unstructured":"Du, S., Joshi, J.B.D.: Supporting authorization query and inter-domain role mapping in presence of hybrid role hierarchy. In: The eleventh ACM symposium on access control models and technologies, pp. 228\u2013236 (2006)","DOI":"10.1145\/1133058.1133090"},{"key":"7407_CR34","doi-asserted-by":"crossref","unstructured":"Shehab, M., Bertino, E., Ghafoor, A.: SERAT: SEcure role mApping technique for decentralized secure interoperability. In: The10th ACM symposium on access control models and technologies, pp. 159\u2013167 (2005)","DOI":"10.1145\/1063979.1064007"},{"issue":"11","key":"7407_CR35","doi-asserted-by":"publisher","first-page":"1557","DOI":"10.1109\/TKDE.2005.185","volume":"17","author":"B Shafiq","year":"2005","unstructured":"Shafiq, B., Joshi, J.B.D., Bertino, E., Ghafoor, A.: Secure interoperation in a multidomain environment employing RBAC policies. IEEE Trans. Knowl. Data Eng. 17(11), 1557\u20131577 (2005)","journal-title":"IEEE Trans. Knowl. Data Eng."},{"key":"7407_CR36","volume-title":"An Introduction to Parallel Algorithms","author":"J J\u00e1J\u00e1","year":"1992","unstructured":"J\u00e1J\u00e1, J.: An Introduction to Parallel Algorithms. Addison Wesley Longman Publishing Co., Inc., Redwood City (1992)"},{"key":"7407_CR37","unstructured":"Tahir, M.: Programming concurrency in C++ - part one, C#Corner (2018). https:\/\/www.c-sharpcorner.com\/article\/programming-concurrency-in-cpp-part-1. Accessed 01 May 2021"},{"issue":"1","key":"7407_CR38","doi-asserted-by":"publisher","first-page":"11","DOI":"10.1016\/0167-8191(88)90094-4","volume":"7","author":"F Darema","year":"1988","unstructured":"Darema, F., George, D.A., Norton, V.A., Pfister, G.F.: A single-program-multiple-data computational model for EPEX\/FORTRAN. Parallel Comput. 7(1), 11\u201324 (1988). https:\/\/doi.org\/10.1016\/0167-8191(88)90094-4","journal-title":"Parallel Comput."},{"issue":"3","key":"7407_CR39","first-page":"16","volume":"6","author":"SK Meesala","year":"2016","unstructured":"Meesala, S.K., Khilar, D.P.M., Shrivastava, D.A.K.: The parallel architecture approach, single program multiple data (SPMD) implementation on clusters of terminals using Java RMI. IJCER 6(3), 16\u201323 (2016)","journal-title":"IJCER"},{"key":"7407_CR40","unstructured":"Bradley, D.: SPMD: single program multiple data streams. Tufts University. 2016. [Online]. https:\/\/slideplayer.com\/slide\/7559656. Accessed 30 Jul 2021"}],"container-title":["Distributed and Parallel Databases"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10619-022-07407-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/article\/10.1007\/s10619-022-07407-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1007\/s10619-022-07407-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2022,9,8]],"date-time":"2022-09-08T16:32:30Z","timestamp":1662654750000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1007\/s10619-022-07407-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2022,3,31]]},"references-count":40,"journal-issue":{"issue":"2-3","published-print":{"date-parts":[[2022,9]]}},"alternative-id":["7407"],"URL":"https:\/\/doi.org\/10.1007\/s10619-022-07407-9","relation":{},"ISSN":["0926-8782","1573-7578"],"issn-type":[{"type":"print","value":"0926-8782"},{"type":"electronic","value":"1573-7578"}],"subject":[],"published":{"date-parts":[[2022,3,31]]},"assertion":[{"value":"10 March 2022","order":1,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"31 March 2022","order":2,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}},{"order":1,"name":"Ethics","group":{"name":"EthicsHeading","label":"Declarations"}},{"value":"The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.","order":2,"name":"Ethics","group":{"name":"EthicsHeading","label":"Conflict of interest"}},{"value":"This article does not contain any studies with human participants or animals performed by any of the authors.","order":3,"name":"Ethics","group":{"name":"EthicsHeading","label":"Ethical approval"}}]}}