Research On Trust-Based Access Control Model In Cloud Computing Environment

In recent years, with the rapid development of information technology, cloudcomputing has become a hotspot in academe and industry as one of the sustaintechnology for intelligence earth and modern service. Through integrating large-scale computing resources and forming a huge resource pool, cloud computingprovides many opportunities for enterprises or individuals by offering a range ofcomputing services. The cloud computing makes great development because of moreand more companies have been devoting much energy into it. The development ofcloud computing is changing our life gradually, so it is very important to study cloudcomputing technology. Now, security is one of the most notable problems in cloudcomputing environment. Based on the deep analyses of security actuality of cloudcomputing, we focus this research on access control for cloud computing. The maincontents are as follows:Firstly, we analyze the characteristics and the security issues of cloudcomputing. In this paper, we proposed a trust model based on vector of trustedvalues by introducing the concept of trust into cloud computing. Then the method forcalculating trust-degree between two entities is described in detail. In order toevaluate the recommendation trust-degree, we introduce confidence factor and timefactor into the trust model. And for the process of calculating trust-degree, weintroduce time sensitivity factor to deal with defection attacks which generated bydirect trust, moreover we introduce attenuation function and recommendation factorto deal with imputation attack and conspiracy deceive which generated byrecommendation trust. The purpose of this trust model is to quantize the trustrelationship between entities in cloud computing and resolve the trust attack.What’s more, to satisfy the requirements of dynamic and real-time of cloudcomputing, we propose a trust-based dynamic access control model for cloudcomputing environment inspired by the GTRBAC model, where the users canvalidate their legal identities and acquire their access control privileges for theresources according to the role information and the trust-degree in the lightweightcertificates. The trust-degree in the certificate can be calculated by the directtrust-degree (DT) and recommendation trust-degree (RT), while the accesspermission for the resources can be decided by comparing the trust-degree withtrust-degree threshold, in order to achieve effective control for cloud computingresource. Finally, we propose to use security analysis techniques to maintain desirablesecurity properties of Trust-Based Dynamic Access Control (TBDAC). And we gavea precise definition of two kinds of security analysis problems in TBDAC. Also weestablished the relationship between TBDAC and Role-based Trust-managementthrough reducing the two kinds of security analysis problems, after we gave efficientreduction algorithms. Our theoretical analysis results show that the most of securityanalysis instances can be answered efficiently in a time polynomial with respect tothe size of the instance.