The Optimization Of User Utility And Security Based On Access Control Model In The Cloud Computing Environment

In cloud computing environment, all varieties of services and dates which users need are concentrated in the "cloud" side storage, data center of service provider is responsible for keeping information which is stored in the end-users’ personal computers in the past or enterprises’own data centers, users access these applications and dates by Internet remotely, theses two issues safety and utility have already got most attention in the cloud computing field. Existing distributed access control models can not adapt to the security needs of cloud computing environment, because of the single role, cannot adjust their active permissions dynamically and so on. Therefore, this paper focuses on the research of optimizing the safety and utility, proposing safety policy optimized model in cloud computing environment based on stochastic programming theory, building mathematical models which are on the basis of ensured data security to enhance the users’utility, model analysis and optimization, and ultimately get the best optimized configuration of security policy in cloud environment to guide the formulation and dynamic adjustment of access control policy in cloud computing environment, and to meet the users’ demands, such as response time, resources availability and other utility requirements.Cloud computing environment contains three entities:end user, service provider and data owner. The user initiates a request to access the cloud environmental resources, the resources provided upon request by service provider may come from different security domains, and these resources may belong to different data owners. This special form of entities makes it difficult for the existing access control model to adapt to cloud computing environment. For the lack of traditional access control model, this paper has presented a certificate-based dynamic access control model in cloud computing environment. Through extending single character type of the traditional access, the role of cloud computing environment is classified into the main role and the data owner. In addition, identity certificate is introduced into the access control model, and a certificate-based dynamic access control model CARBAC was presented. Also, it put forward the trust management mechanism of CARBAC model and provides the authorization process of this model.Utility function presents the quantitative relationship between the gained utility and the consumed services composition when user access to the cloud centre. It can measure the users’satisfaction of task completion rate, task execution time, task execution cost, and task resource risk. On the basis of logarithm utility theory in economics, this paper has taken the expectations of cloud computing environment users, service providers and the resource owners into consideration comprehensively, and given the method for user utility analysis in cloud computing environment based on CARBAC model. Besides, the expected utility of users in cloud computing environment was modeled and simulated. The simulation results show that there is an ideal value for the number of tasks submitted by user, near which the user utility is optimal.Virtual machine is the basic unit of cloud computing resources, in the implementation process of cloud computing, cloud users can acquire computing resources from cloud suppliers to meet their service needs through payment. For the objection of response time, expenses consuming and resource security in the distribution of virtual machine, this paper has proposed a optimization algorithm of user utility and safety based on the distribution of virtual machine, which can take user utility and resource safety into consideration comprehensively in the context of demand uncertainty, schedule and allocate the virtual machine resources belonging to different providers, and meet multiple targets of system user utility and resource safety.Finally, this paper has made the full use of the results of stochastic programming optimization based on multi-objective decision-making mechanism of the dynamic access control in cloud environment, and proposed the optimization calculations of the cloud computing access control policy about utility and safety. This method can optimize the assigned relationship of users and roles. It designates the roles that simultaneously meet the following requirements to users, ensuring the user utility, which means meeting users’original assigned permissions, satisfying the principle of least privilege, and lowering the risk when users perform these permissions. Aiming at the proposed access control model CARBAC based on cloud computing and the optimization solutions of user utility and safety in the model, this paper has proposed safety analysis example based on trust management language RT[←,(?)], and replied how to evaluate and validate the safety and utility of the security policy in the model which is proposed in this paper.Using cloud security strategy management platform based on the method of stochastic programming can well satisfy the availability, scalability, maintainability, high security and many other requirements of security policy in large-scale distributed systems. The research of cloud computing utility security optimized model based on stochastic programming will expand the traditional theories and methods of distributed access control, and play a positive promoting role on solving many access control problems of distributed applications. Growing network size and dynamic network environment have brought unprecedented challenges to the security in distributed computing environment such as cloud computing. The satisfactory resolution of these issues has not only very important theoretical significance of the development of distributed access control model in cloud computing environment, but also important guiding significance and wide range of application prospect of scheduling users’task queue, formulating the cost of task performing and distributing the computing resource by cloud computing center based on users’utility and safety policy.This paper has presented a new mentality and method for balancing and optimizing resource security and user utility in cloud computing environment, proceeded in-depth research in correlation theory of security policy optimal model in cloud computing environment, solved some scientific problems of cloud computing safety, such as modeling analysis of user access policy security and utility property in cloud computing environment, safety optimalization and verification of access control policy of service process and so on. The outcomes can optimize user utility and resource security in cloud computing center, in addition they have significant theoretical significance for the development of access control theory in cloud computing environment.