{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,1,21]],"date-time":"2026-01-21T01:27:24Z","timestamp":1768958844207,"version":"3.49.0"},"reference-count":44,"publisher":"MDPI AG","issue":"3","license":[{"start":{"date-parts":[[2021,3,17]],"date-time":"2021-03-17T00:00:00Z","timestamp":1615939200000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0\/"}],"funder":[{"name":"Deanship of Scientific Research (DSR), King Abdulaziz University","award":["D-067-611-1442"],"award-info":[{"award-number":["D-067-611-1442"]}]}],"content-domain":{"domain":[],"crossmark-restriction":false},"short-container-title":["Symmetry"],"abstract":"<jats:p>Cloud data storage is revolutionary because it eliminates the need for additional hardware, which is often costly, inconvenient, and requires additional space. Cloud data storage allows data owners to store large amounts of data in a flexible way and at low cost. The number of online cloud storage services and their consumers has therefore increased dramatically. However, ensuring the privacy and security of data on a digital platform is often a challenge. A cryptographic task-role-based access control (T-RBAC) approach can be used to protect data privacy. This approach ensures the accessibility of data for authorized consumers and keeps it safe from unauthorized consumers. However, this type of cryptographic approach does not address the issue of trust. In this paper, we propose a comprehensive trust model integrated with a cryptographic T-RBAC to enhance the privacy and security of data stored in cloud storage systems, and suggests that trust models involve inheritance and hierarchy in the roles and tasks of trustworthiness evaluation, where this study aims to identify the most feasible solution for the trust issue in T-RBAC approaches. Risk evaluations regarding other possible flaws of the design are also performed. The proposed design can decrease risk by providing high security for cloud storage systems and improve the quality of decisions of cloud operators and data owners.<\/jats:p>","DOI":"10.3390\/sym13030492","type":"journal-article","created":{"date-parts":[[2021,3,17]],"date-time":"2021-03-17T21:43:31Z","timestamp":1616017411000},"page":"492","update-policy":"https:\/\/doi.org\/10.3390\/mdpi_crossmark_policy","source":"Crossref","is-referenced-by-count":26,"title":["Integrating a High-Reliability Multicriteria Trust Evaluation Model with Task Role-Based Access Control for Cloud Services"],"prefix":"10.3390","volume":"13","author":[{"given":"Salah T.","family":"Alshammari","sequence":"first","affiliation":[{"name":"Department of Computer Science, College of Computing and Information Technology, King Abdul-Aziz University, Jeddah 21589, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0003-3796-0294","authenticated-orcid":false,"given":"Aiiad","family":"Albeshri","sequence":"additional","affiliation":[{"name":"Department of Computer Science, College of Computing and Information Technology, King Abdul-Aziz University, Jeddah 21589, Saudi Arabia"}]},{"ORCID":"https:\/\/orcid.org\/0000-0001-5617-4198","authenticated-orcid":false,"given":"Khalid","family":"Alsubhi","sequence":"additional","affiliation":[{"name":"Department of Computer Science, College of Computing and Information Technology, King Abdul-Aziz University, Jeddah 21589, Saudi Arabia"}]}],"member":"1968","published-online":{"date-parts":[[2021,3,17]]},"reference":[{"key":"ref_1","doi-asserted-by":"crossref","unstructured":"Noor, T.H., Sheng, Q.Z., and Bouguettaya, A. (2014). Trust Management in Cloud Services, Springer.","DOI":"10.1007\/978-3-319-12250-2"},{"key":"ref_2","doi-asserted-by":"crossref","unstructured":"Brooks, T.T. (2017). Cyber-Assurance for the Internet of Things, John Wiley & Sons.","DOI":"10.1002\/9781119193784"},{"key":"ref_3","doi-asserted-by":"crossref","unstructured":"Bhatt, S., Patwa, F., and Sandhu, R. (2017, January 15\u201317). An access control framework for cloud-enabled wearable internet of things. Proceedings of the 2017 IEEE 3rd International Conference on Collaboration and Internet Computing (CIC), San Jose, CA, USA.","DOI":"10.1109\/CIC.2017.00050"},{"key":"ref_4","doi-asserted-by":"crossref","unstructured":"Firdhous, M., Ghazali, O., and Hassan, S. (2012). Trust management in cloud computing: A critical review. arXiv.","DOI":"10.4038\/icter.v4i2.4674"},{"key":"ref_5","doi-asserted-by":"crossref","first-page":"2381","DOI":"10.1109\/TIFS.2015.2455952","article-title":"Trust enhanced cryptographic role-based access control for secure cloud data storage","volume":"10","author":"Zhou","year":"2015","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_6","doi-asserted-by":"crossref","first-page":"781","DOI":"10.1142\/S0218194018500225","article-title":"An adaptation of context and trust aware workflow oriented access control for remote healthcare","volume":"28","author":"Bhattasali","year":"2018","journal-title":"Int. J. Softw. Eng. Knowl. Eng."},{"key":"ref_7","doi-asserted-by":"crossref","first-page":"2225","DOI":"10.1093\/comjnl\/bxu129","article-title":"A trust evaluation model for cloud computing using service level agreement","volume":"58","author":"Marudhadevi","year":"2015","journal-title":"Comput. J."},{"key":"ref_8","doi-asserted-by":"crossref","unstructured":"Tsai, W.T., Zhong, P., Bai, X., and Elston, J. (2009, January 14\u201315). Role-based trust model for community of interest. Proceedings of the 2009 IEEE International Conference on Service-Oriented Computing and Applications (SOCA), Taipei, Taiwan.","DOI":"10.1109\/SOCA.2009.5410472"},{"key":"ref_9","first-page":"12125","article-title":"A Survey on Authentication and Access Control for Cloud Computing using RBDAC Mechanism","volume":"3","author":"Varsha","year":"2015","journal-title":"Int. J. Innov. Res. Comput. Commun. Eng."},{"key":"ref_10","doi-asserted-by":"crossref","first-page":"2167","DOI":"10.1109\/TIFS.2018.2812166","article-title":"A domain partition-based trust model for unreliable clouds","volume":"13","author":"Zhang","year":"2018","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_11","doi-asserted-by":"crossref","unstructured":"Iltaf, N., Ghafoor, A., and Hussain, M. (2012). Modeling interaction using trust and recommendation in ubiquitous computing environment. EURASIP J. Wirel. Commun. Netw., 119.","DOI":"10.1186\/1687-1499-2012-119"},{"key":"ref_12","doi-asserted-by":"crossref","unstructured":"Tan, Z., Tang, Z., Li, R., Sallam, A., and Yang, L. (2011, January 20\u201322). Research on trust-based access control model in cloud computing. Proceedings of the 2011 6th IEEE Joint International Information Technology and Artificial Intelligence Conference, Chongqing, China.","DOI":"10.1109\/ITAIC.2011.6030345"},{"key":"ref_13","doi-asserted-by":"crossref","first-page":"2375","DOI":"10.1109\/TPDS.2012.337","article-title":"Enabling dynamic data and indirect mutual trust for cloud computing storage systems","volume":"24","author":"Barsoum","year":"2012","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_14","doi-asserted-by":"crossref","first-page":"147","DOI":"10.1016\/j.future.2013.05.010","article-title":"An extended attribute based access control model with trust and privacy: Application to a collaborative crisis management system","volume":"31","author":"Smari","year":"2014","journal-title":"Future Gener. Comput. Syst."},{"key":"ref_15","unstructured":"Whitman, M., and Mattord, H.J. (2011). Principles of Information Security, CENGAGE Learning."},{"key":"ref_16","doi-asserted-by":"crossref","first-page":"39","DOI":"10.1049\/iet-ifs.2012.0232","article-title":"Adaptive and attribute-based trust model for service-level agreement guarantee in cloud computing","volume":"7","author":"Li","year":"2013","journal-title":"IET Inf. Secur."},{"key":"ref_17","doi-asserted-by":"crossref","first-page":"1755","DOI":"10.1109\/JPROC.2010.2059690","article-title":"A survey of trust and reputation management systems in wireless communications","volume":"98","author":"Yu","year":"2010","journal-title":"Proc. IEEE"},{"key":"ref_18","doi-asserted-by":"crossref","unstructured":"Chang, W., Xu, F., and Dou, J. (2012, January 7\u20139). A Trust and Unauthorized Operation Based RBAC (TUORBAC) Model. Proceedings of the 2012 International Conference on Control Engineering and Communication Technology, Shenyang, China.","DOI":"10.1109\/ICCECT.2012.217"},{"key":"ref_19","doi-asserted-by":"crossref","unstructured":"Liu, K., Zhou, Z., Chen, Q., and Yang, X. (2015, January 18\u201320). Towards an attribute-based authorization model with task-role-based access control for WfMS. Proceedings of the 2015 IEEE 16th International Conference on Communication Technology (ICCT), Hangzhou, China.","DOI":"10.1109\/ICCT.2015.7399859"},{"key":"ref_20","doi-asserted-by":"crossref","unstructured":"Wang, P., and Jiang, L. (2015, January 29\u201330). Task-role-based access control model in smart health-care system. Proceedings of the MATEC Web of Conferences International Conference on Engineering Technology and Application (ICETA 2015), Xiamen, China.","DOI":"10.1051\/matecconf\/20152201011"},{"key":"ref_21","unstructured":"Fan, Y.-Q., and Zhang, Y.-S. (2015, January 13\u201315). Trusted Access Control Model Based on Role and Task in Cloud Computing. Proceedings of the 2015 7th International Conference on Information Technology in Medicine and Education (ITME), Huangshan, China."},{"key":"ref_22","doi-asserted-by":"crossref","unstructured":"Huang, L., Xiong, Z., and Wang, G. (2016, January 27\u201329). A trust-role access control model facing cloud computing. Proceedings of the 2016 35th Chinese Control Conference (CCC), Chengdu, China.","DOI":"10.1109\/ChiCC.2016.7554170"},{"key":"ref_23","doi-asserted-by":"crossref","unstructured":"Chakraborty, S., and Ray, I. (2006, January 7\u20139). TrustBAC: Integrating trust relationships into the RBAC model for access control in open systems. Proceedings of the Eleventh ACM Symposium on Access Control Models and Technologies, Lake Tahoe, CA, USA.","DOI":"10.1145\/1133058.1133067"},{"key":"ref_24","doi-asserted-by":"crossref","unstructured":"Deng, W., and Zhou, Z. (2012, January 6\u20138). A flexible rbac model based on trust in open system. Proceedings of the 2012 Third Global Congress on Intelligent Systems, Wuhan, China.","DOI":"10.1109\/GCIS.2012.79"},{"key":"ref_25","doi-asserted-by":"crossref","first-page":"533","DOI":"10.1016\/S0306-4379(02)00029-7","article-title":"Task\u2013role-based access control model","volume":"28","author":"Oh","year":"2003","journal-title":"Inf. Syst."},{"key":"ref_26","unstructured":"Zhao, L., Liu, S., Li, J., and Xu, H. (2010, January 17\u201318). A dynamic access control model based on trust. Proceedings of the 2010 the 2nd Conference on Environmental Science and Information Application Technology, Wuhan, China."},{"key":"ref_27","doi-asserted-by":"crossref","unstructured":"Zhou, L., Varadharajan, V., and Hitchens, M. (2013, January 16\u201318). Integrating trust with cryptographic role-based access control for secure cloud data storage. Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, Australia.","DOI":"10.1109\/TrustCom.2013.69"},{"key":"ref_28","doi-asserted-by":"crossref","first-page":"154","DOI":"10.1109\/CC.2014.6827577","article-title":"MTBAC: A mutual trust based access control model in cloud computing","volume":"11","author":"Lin","year":"2014","journal-title":"China Commun."},{"key":"ref_29","first-page":"118","article-title":"An authenticated trust and reputation calculation and management system for cloud and sensor networks integration","volume":"10","author":"Zhu","year":"2014","journal-title":"IEEE Trans. Inf. Forensics Secur."},{"key":"ref_30","doi-asserted-by":"crossref","first-page":"1419","DOI":"10.1109\/TPDS.2014.2321750","article-title":"Service operator-aware trust scheme for resource matchmaking across multiple clouds","volume":"26","author":"Li","year":"2014","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_31","doi-asserted-by":"crossref","unstructured":"Uikey, C., and Bhilare, D.S. (2017, January 17\u201319). TrustRBAC: Trust role based access control model in multi-domain cloud environments. Proceedings of the 2017 International Conference on Information, Communication, Instrumentation and Control (ICICIC), Indore, India.","DOI":"10.1109\/ICOMICON.2017.8279087"},{"key":"ref_32","doi-asserted-by":"crossref","first-page":"778","DOI":"10.1109\/TPDS.2018.2870652","article-title":"A thorough trust and reputation based RBAC model for secure data storage in the cloud","volume":"30","author":"Ghafoorian","year":"2018","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_33","doi-asserted-by":"crossref","unstructured":"Ko, R.K., Jagadpramana, P., Mowbray, M., Pearson, S., Kirchberg, M., Liang, Q., and Lee, B.S. (2011, January 4\u20139). TrustCloud: A framework for accountability and trust in cloud computing. Proceedings of the 2011 IEEE World Congress on Services, Washington, DC, USA.","DOI":"10.1109\/SERVICES.2011.91"},{"key":"ref_34","doi-asserted-by":"crossref","unstructured":"Hasan, O., Brunie, L., Pierson, J.M., and Bertino, E. (2009, January 15\u201319). Elimination of subjectivity from trust recommendation. Proceedings of the IFIP International Conference on Trust Management, West Lafayette, IN, USA.","DOI":"10.1007\/978-3-642-02056-8_5"},{"key":"ref_35","doi-asserted-by":"crossref","unstructured":"Noor, T.H., Sheng, Q.Z., and Alfazi, A. (2013, January 16\u201318). Reputation attacks detection for effective trust assessment among cloud services. Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications, Melbourne, Australia.","DOI":"10.1109\/TrustCom.2013.59"},{"key":"ref_36","doi-asserted-by":"crossref","first-page":"43752","DOI":"10.1109\/ACCESS.2020.2978452","article-title":"Enhanced QoS-based model for trust assessment in cloud computing environment","volume":"8","author":"Hassan","year":"2020","journal-title":"IEEE Access"},{"key":"ref_37","doi-asserted-by":"crossref","unstructured":"Han, H.X. (2021). Research on Adaptive Relationship between Trust and Privacy in Cloud Service. IEEE Access.","DOI":"10.1109\/ACCESS.2021.3054634"},{"key":"ref_38","unstructured":"Josang, A., and Ismail, R. (2002, January 17\u201319). The beta reputation system. Proceedings of the 15th Bled Electronic Commerce Conference, Bled, Slovenia."},{"key":"ref_39","doi-asserted-by":"crossref","unstructured":"Van Gorp, P., and Comuzzi, M. (2012, January 20\u201322). MyPHRMachines: Lifelong personal health records in the cloud. Proceedings of the 2012 25th IEEE International Symposium on Computer-Based Medical Systems (CBMS), Rome, Italy.","DOI":"10.1109\/CBMS.2012.6266378"},{"key":"ref_40","doi-asserted-by":"crossref","first-page":"367","DOI":"10.1109\/TPDS.2015.2408613","article-title":"CloudArmor: Supporting reputation-based trust management for cloud services","volume":"27","author":"Noor","year":"2015","journal-title":"IEEE Trans. Parallel Distrib. Syst."},{"key":"ref_41","unstructured":"Oleshchuk, V. (2012, January 17\u201319). Trust-aware rbac. Proceedings of the International Conference on Mathematical Methods, Models, and Architectures for Computer Network Security, St. Petersburg, Russia."},{"key":"ref_42","doi-asserted-by":"crossref","first-page":"207","DOI":"10.1007\/s10660-015-9182-7","article-title":"TACO: A novel method for trust rating subjectivity elimination based on Trust Attitudes COmparison","volume":"15","author":"Zupancic","year":"2015","journal-title":"Electron. Commer. Res."},{"key":"ref_43","doi-asserted-by":"crossref","unstructured":"Noor, T.H., Sheng, Q.Z., and Alfazi, A. (2013, January 8\u201312). Detecting occasional reputation attacks on cloud services. Proceedings of the International Conference on Web Engineering, Aalborg, Denmark.","DOI":"10.1007\/978-3-642-39200-9_35"},{"key":"ref_44","doi-asserted-by":"crossref","first-page":"60117","DOI":"10.1109\/ACCESS.2020.2982318","article-title":"Trust and reputation in the internet of things: State-of-the-art and research challenges","volume":"8","author":"Fortino","year":"2020","journal-title":"IEEE Access"}],"container-title":["Symmetry"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/www.mdpi.com\/2073-8994\/13\/3\/492\/pdf","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,10,11]],"date-time":"2025-10-11T05:37:14Z","timestamp":1760161034000},"score":1,"resource":{"primary":{"URL":"https:\/\/www.mdpi.com\/2073-8994\/13\/3\/492"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2021,3,17]]},"references-count":44,"journal-issue":{"issue":"3","published-online":{"date-parts":[[2021,3]]}},"alternative-id":["sym13030492"],"URL":"https:\/\/doi.org\/10.3390\/sym13030492","relation":{},"ISSN":["2073-8994"],"issn-type":[{"value":"2073-8994","type":"electronic"}],"subject":[],"published":{"date-parts":[[2021,3,17]]}}}