Research On Trust Based Access Control Technology In Cloud Computing Environment

As a new computing mode, cloud computing can provide users with virtualizedand scalable web services, which faced with serious security challenges, however.Access control is one of the most important measures to ensure the security of cloudcomputing. But applying traditional access control model into the Cloud directlycould not solve the uncertainty and vulnerability caused by the open conditions ofcloud computing. In cloud computing environment, only when the security andreliability in and out the Cloud are ensured, the security can be effectively guaranteedduring interactions between users and the Cloud. Therefore, this thesis focuses onbuilding a mutual trust relationship between users and cloud server and implementingthe dynamic mutual trust and role based access control method in cloud computingenvironment. Detailed research contents are summarized as follows:(1) Propose a user’s behavior trust hierarchical model based on a tertiarystructure of trust evidence, trust attribute and trust value. In this model, we first collectuser’s history behavior information as original trust evidences, and then divideoriginal trust evidences into several trust attribute sets according to theircharacteristics. User’s behavior trust value will be calculated eventually according touser’s behavior trust attributes and their weights.(2) Design an Ant Colony Optimization based trust evaluation model of theCloud server. Trust evaluation of the cloud service nodes should fully consider howuser’s trust towards the Cloud server changes with interactive frequency and timefactor. Using ant colony algorithm and introducing trust pheromone into this model toevaluate trust degrees of cloud service nodes, a dynamic cloud computing behaviortrust model is established. Cloud service node’s trust degree will be calculated andupdated along with interactive frequency and time, and thus recommend moretrustworthy cloud service nodes for the user.(3) Present a dynamic role based access control method on the basis of mutualbehavior trust in cloud computing environment (MTBAC). This thesis illustrates thedefinition, framework, algorithm flow and multi-domain authorization and decisionmaking mechanism of MTBAC. MTBAC fully integrates the advantages of RBACmodel and considers dynamic and multi-domain feature of cloud computingenvironment, and implements dynamic role based access control policy both in localdomain and cross-domain of cloud computing on the basis of mutual trust between the user and Cloud server.(4) Design two sets of simulation experiments to analyze the performance ofMTBAC. Compared with some other access control methods, the effectiveness andsuitability of trust based access control model in cloud computing will be verified;compared with on-way trust, the advantages of two-way trust based access controlbetween cloud user and cloud server will be analyzed by compared experiments.