Research On Access Control Model In Cloud Computing Environment

Since the concept of cloud computing has been proposed, the cloud computing becomes the most popular technical term in IT industry. Cloud computing has so many advantages, such as convenience, economy and high expansibility, that companies no longer need to saddle with the heavy burden both from infrastructure management and maintenance. Because of these advantages, cloud computing attracts the interest of each big company, also there is increasing research on it in academics. As a new business model, the future development prospect of cloud computing is very good. But the development of cloud computing faces many challenges, the cloud security issues, as one of the biggest obstacles to the development of cloud computing, need to be resolved. Access control management technology is an important and indispensable component for information security system, so how to do access control management in cloud computing environment well is particularly important. However, due to the many features of cloud computing, traditional access control technology is not suitable for the cloud computing environment. Therefore it is needed to study a suitable access control management model for the cloud environments.The paper aims to study the characteristics of cloud computing, and based on traditional access control managemant, an access control management reference model, which is suitable for cloud environment, is proposed. Through dividing the cloud resources into logical security domains, the model can realize safty sharing access between different logical security domains for the resources in cloud. The concept of cloud computing technology and principles are described, and the characteristics of cloud computing is analyzed. In the cloud computing environment, the physical security domain boundaries under traditional architecture mode would disappear. The resources in cloud system would lose the physical domain security control, for that, the paper divide the resource in cloud into different logical security domain to achieve security control by logical domain. Based on research on the traditional access control management techniques, the concept and models of traditional access control management techniques are described. The inadequacies of traditional access control management in the cloud computing environment are analysised. So as to resolve the information sharing access problem between the different logical security domains in the cloud, a image role-based access control management model is proposed. Based on the role-based access control management in a single logical area, the image role-based access control management model can achieve sharing access between the different logical areas through the image role. And validated the model, the model supports the information resource sharing access between different logical security domains in cloud, and can avoid the problem of privilege penetration and escalation caused by cross-domain access. It can be a reference model which is suitable for access control managemant in cloud computing environments.