Open Access Open Access  Restricted Access Subscription Access

Light Weight Access Control Mechanism for Mobile-based Cloud Data Storage

Rajat Saxena, Somnath Dey


Cloud computing is the fastest growing field of service provision in Information Technology (IT) industry. It provides on-demand and cost-effective services such as Software as a Service (SaaS), Platform as a Service (PaaS) and Infrastructure as a Service (IaaS). In cloud environment, many security challenges have pinched out such as data security, malicious insider attack, cyber attack, and abuse of cloud services. In this paper, we have analyzed and identified the different major gaps between conventional access control schemes based on their demerits and requirements for the cloud access. We have proposed a Light-Weight Access Control (LWAC) model, which fulfills all cloud access control requirements. Our approach has ensured the secure and efficient sharing of resources among various non-trusted tenants and also has the capacity to support the different access permissions for the same user using multiple services securely. We have also implemented a prototype of our work which illustrates the efficient access control in the cloud environment. This prototype delivers the different cloud services within the distributed cloud environment. It also demonstrates the effective and secure access control to fetch multiple services for various resources within the capabilities assigned to the user. The comparative results show the genuine application of our approach within the latest distributed cloud environment.

Full Text:



Al-Kahtani, M., Sandhu, R., et al. 2002. A model for attribute-based user-role assignment.

In Computer Security Applications Conference, 2002. Proceedings. 18th Annual. IEEE, 353{

Ausanka-Crues, R. 2001. Methods for access control: advances and limitations. Harvey Mudd

College 301.

Cloudera. 2014. Cloudera downloads get started with hadoop @ONLINE.

Lampson, B. W. 1974. Protection. SIGOPS Oper. Syst. Rev. 8, 1 (Jan.), 18{24.

Laurie, B. 2009. Access control (v0. 1).

Ruj, S. and Saxena, R. Jan 2015. Securing cloud data. Cloud Computing with e-Science

Applications, pp 41{72.

Saxena, R. and Dey, S. 2014. Collaborative approach for data integrity verication in cloud

computing. In Recent Trends in Computer Networks and Distributed Systems Security

- Second International Conference, SNDS 2014, Trivandrum, India, March 13-14, 2014,

Proceedings. 1{15.

Saxena, R. and Dey, S. 2015. Cloud shield: Eective solution for ddos in cloud. In Internet

and Distributed Computing Systems - 8th International Conference, IDCS 2015, Windsor,

UK, September 2-4, 2015. Proceedings. 3{10.

Saxena, R. and Dey, S. 2016. A novel access control model for cloud computing. 81{94.

Saxena, R. and Dey, S. 2017. A curious collaborative approach for data integrity verication

in cloud computing. CSI Transactions on ICT .

Stinson, D., Wei, R., and Paterson, M. B. 2009. Combinatorial batch codes. Advances in

Mathematics of Communications 3, 1, 13{27.

Sun, L., Wang, H., Yong, J., and Wu, G. 2012. Semantic access control for cloud computing

based on e-healthcare. In Computer Supported Cooperative Work in Design (CSCWD),

IEEE 16th International Conference on. IEEE, 512{518.

Tianyi, Z., Weidong, L., and Jiaxing, S. 2011. An ecient role based access control system

for cloud computing. In Computer and Information Technology (CIT), 2011 IEEE 11th

International Conference on. IEEE, 97{102.

Tsai, W.-T. and Shao, Q. 2011. Role-based access-control using reference ontology in clouds.

In Autonomous Decentralized Systems (ISADS), 2011 10th International Symposium on.

IEEE, 121{128.

Wang, W., Han, J., Song, M., andWang, X. 2011. The design of a trust and role based access

control model in cloud computing. In Pervasive Computing and Applications (ICPCA),

6th International Conference on. IEEE, 330{334.

XenServer. 2014. Download xenserver 6.2 @ONLINE.