The applicability of mobile cloud computing has revolutionized the way large amounts of data can be stored and accessed; however, concerns with respect to security and privacy persist. The authors of this paper propose that fine-grained access control may be able to address this concern.
The proposed reputation and mechanism design-based trustworthy access control (RMTAC) model aims to provide secure and privacy-aware big data access control in mobile cloud computing. Existing models are inadequate because they do not account for insider threats. An insider threat is not thwarted by encryption because, by virtue of them being insiders, they have tacit knowledge and are able to crack encryption keys. Also, existing models are not privacy preserving and do not take into account aspects such as information leaks and fine-grained access control.
The authors conducted simulation-based comparative experiments. They verified that RMTAC is secure, privacy preserving, and efficient. The model was found to be more effective than a role-based encryption access control model with respect to internal attacks. This paper provides a unique solution to the generic problem of insider threats, which is notoriously difficult to manage.