With the vigorous development of cloud computing, most organizations have shifted their data and applications to the cloud environment for storage, computation, and sharing purposes. During storage and data sharing across the participating entities, a malicious agent may gain access to outsourced data from the cloud environment. A malicious agent is an entity that deliberately breaches the data. This information accessed might be misused or revealed to unauthorized parties. Therefore, data protection and prediction of malicious agents have become a demanding task that needs to be addressed appropriately. To deal with this crucial and challenging issue, this paper presents a Malicious Agent Identification-based Data Security (MAIDS) Model which utilizes XGBoost machine learning classification algorithm for securing data allocation and communication among different participating entities in the cloud system. The proposed model explores and computes intended multiple security parameters associated with online data communication or transactions. Correspondingly, a security-focused knowledge database is produced for developing the XGBoost Classifier-based Malicious Agent Prediction (XC-MAP) unit. Unlike the existing approaches, which only identify malicious agents after data leaks, MAIDS proactively identifies malicious agents by examining their eligibility for respective data access. In this way, the model provides a comprehensive solution to safeguard crucial data from both intentional and non-intentional breaches, by granting data to authorized agents only by evaluating the agents behavior and predicting the malicious agent before granting data.

翻译：随着云计算的蓬勃发展，大多数组织已将其数据和应用迁移至云环境进行存储、计算和共享。在参与实体间的存储和数据共享过程中，恶意代理可能从云环境中获取外包数据。恶意代理是指蓄意破坏数据的实体。这些被获取的信息可能遭到滥用或泄露给未经授权的第三方。因此，数据保护和恶意代理预测已成为一项亟待妥善解决的重要任务。为应对这一关键且具有挑战性的问题，本文提出了一种基于恶意代理识别的数据安全（MAIDS）模型，该模型利用XGBoost机器学习分类算法来保障云系统中不同参与实体间的数据分配与通信安全。所提出的模型探索并计算了与在线数据通信或交易相关的多个目标安全参数。相应地，生成了一个专注于安全的知识数据库，用于开发基于XGBoost分类器的恶意代理预测（XC-MAP）单元。与现有方法仅在数据泄露后识别恶意代理不同，MAIDS通过检查代理对相应数据访问的资格，主动识别恶意代理。通过这种方式，该模型仅通过评估代理行为并在授予数据前预测恶意代理，将数据授予授权代理，从而为保护关键数据免受故意和非故意泄露提供了一个全面的解决方案。