ACTRA: A PRIVACY-PRESERVING FRAMEWORK FOR AUDITING AND CONTROL OF TIME-RESTRICTED ACCESS IN CLOUD ENVIRONMENTS

Abstract

Cloud computing has revolutionized data storage
and accessibility, but it introduces significant
challenges related to security, privacy, and access
control. Traditional cloud systems rely on static
permission models that often grant long-term
access without considering dynamic user
requirements, thereby increasing the risk of
unauthorized data usage. To address these
limitations, this paper proposes ACTRA, a privacypreserving
framework designed for auditing and
controlling time-restricted access in cloud
environments. The system enables fine-grained
authorization where users are assigned specific
permissions such as read, write, share, and audit
based on predefined roles. A key feature of ACTRA
is time-limited access, which allows users to grant
permissions for a defined duration, after which
access is automatically revoked. Additionally, the
framework integrates real-time notification
mechanisms to alert users about data access
activities, enhancing transparency and trust.
ACTRA also maintains comprehensive audit logs
capturing user identity, timestamps, device details,
and performed actions, which support compliance
and forensic analysis. To further strengthen
security, the system incorporates dynamic key
management techniques such as key rotation and
expiration to prevent prolonged exposure. A novel
contribution of the framework is its risk-based
access control mechanism, which evaluates user
behavior patterns and assigns risk scores to
determine access decisions. By combining finegrained
control, auditing, and behavioral analysis,
ACTRA offers a secure, scalable, and intelligent
solution for modern cloud data management.