Access Control Model Based On Trust And Constraint Of Resources In Cloud Computing

Cloud computing is a new service mode that can realize the sharing of computing resources,data resources,and application resources.It features multi-tenancy,elastic expansion,and service measurability.Compared with traditional computing models,cloud computing can reduce operating costs and improve operational efficiency.Therefore,cloud computing has received extensive attention in both academia and industry.However,with the continuous development of cloud computing technology,security issues such as the confidentiality,integrity,and availability of user data placed in the cloud have become the key to limiting the development of cloud computing technology.Recent related investigations have also proved that security and privacy are the core issues most concerned and urgently addressed by users.Therefore,if we can't deal with issues related to security and privacy protection,cloud computing technology will not be able to get real large-scale applications.Access control technology refers to the effective monitoring of user access to resources,so that legitimate users can gain effective access to system resources within legal time.The access control technology in the cloud computing environment is a system security technology for securely accessing cloud resources such as cloud data resources and computing resources.As the cloud computing environment has undergone great changes in its computing model and storage model,its access controls include the inability of users to control resources,the distrust of users and cloud service providers,cross-security domain access brought by migration technologies,and multi-tenancy.With the subject definition and bypass problem caused by virtualization technology,how to effectively solve the access control problem in the cloud computing environment has become a hot topic in the field of cloud security and a core issue that needs to be solved.The main work of this article is as follows:1)Services the various elements of the traditional access control model based on the analysis of the characteristics of the current access control model and characteristics of the cloud computing like user migration,resource constraints and resource service.Extend the attribute-based access control model and trust-based access control model through the redistribution and definition of users,roles,services,permissions,and constraints.The user trust metrics and environmental resource constraint mechanisms are introduced to propose a cloud computing object.A definition of service access control model and a description of the access control process are given finally.2)In the access control model under the cloud computing environment.The user trust measurement mechanism is introduced into the cloud computing access control model.Calculate the user's historical degree of trust and initial degree of trust according to the historical visit behavior of the user in the intra-domain and inter-domain,and calculate the user's intra-domain trust degree and inter-domain trust degree by introducing the time penalty function,and calculate the calculated trust value and setting.Threshold comparison to determine the user's access rights.3)In the dynamic access control model under cloud computing environment.Through the real-time monitoring of the cloud environment load,the cloud computing environment resource attributes are included in the access control constraint mechanism.Through the changes in the attributes of environmental resources,the user's right to access cloud computing resources can be dynamically determined in real time.At the same time,the cloud service resources in execution are subjected to a reasonable state transition to avoid SLA violations happened such as system stability degradation caused by high system load.