| Cloud Computing becomes very attractive and widely accepted as new paradigm of computing environment by IT industry in today. Its main strengths like service ubiquity, virtually unlimited computing resources, low cost of TCO (Total cost of ownership) and high ROI (Return of Investment). However, despite of this growing popularity of cloud computing, securing cloud computing resources still remains as a major challenge and concern for many organizations who either already adapt and use the cloud computing or are planning to migrate their business applications to cloud.;The main reason for this concern is originated from sharing cloud resources with others' applications (multi-tenancy), and the physical location of stored data that could be subject to different legal regulations by the physical location. Furthermore, customers have no knowledge whom they are sharing their data with, and how securely their data is maintained and protected. Especially, their concerns even escalate when their data contain their customers' private information and their company's business secret data.;There are many research efforts to resolve the cloud computing security issues in various aspects such as data encryption, securing data communication, firewalls, strong user authentication, and access control management. We believe that providing secure and reliable cloud computing begins with securing cloud resources from malicious or unauthorized access.;In this thesis, we proposes a fine grained role based access control framework with various features including security of sensitive data, fine grained authorization policy and secure data from hackers. Our proposed role based access control algorithm provides tailored and fine level of user access control services without adding complexity, and supports access privileges updates dynamically when a user's role is added or updated. |
