Research On Access Control In Cloud Computing Environment

With the rapid development of Internet and computer technology,cloud computing technology has gradually become the focus in the research filed of information technology,which combines distributed computing technology and network storage technology and so on.Cloud computing technology is widely used because of its advantages but it also brings a variety of security problems for cloud computing.The security issues seriously restrict the further development of cloud computing.Access control technology is an effective means which can be used for protecting the cloud resource.However,cloud computing environment has the characteristics of distributed,open and large-scale,so how to effectively protect cloud resource and make the resource flow under control also put forward a stricter requirement for access control technology in cloud computing environment.Based on the previous research,it shows that the traditional access control is no longer suitable for the cloud computing environment because it is designed only for the centralized network.Due to the fact that ABAC(Attribute-Baesd Access Control)is deemed to be a suitable access control model for distributed environment,the paper introduces trust attribute for ABAC model to solve the problem of insufficient issue of safety information in cloud environment.Therefore,we propose a trust and attribute-based access control model(T-ABAC)which includes authentication module,trust evaluation module and access decision module.The paper presents an improved algorithm based on AHP for Trust Evaluation Module.The designed algorithm is used for evaluating user's behavior to deal with the issue that trust evaluation entirely relies on subjective factors and it ensures the reasonability of trust evaluation.Three module of T-ABAC collaborate to accomplish the process of authorization based on dynamic trust attribute and multiple static attributes.The designed model meets needs of authorization of distributed,fine-grained and dynamic in cloud environment.Finally,we design and implement the T-ABAC model.The model accomplishes trust evaluation for user's behavior.According to the evaluating results,the model adjusts user's trust attributes so that the access rights of the cloud user are adjusted indirectly.The model is verified by simulation experiments and the results show that the model not only achieves fine-grained authorization,but also implements authorization based on dynamic trust attribute.