A Hybrid Trust Based Access Control Framework for Cloud Computing

Abstract

Cloud computing is a modern technology that offers service oriented features to the users. The architecture of cloud computing stands on the three defining services (Infrastructure as a Service(IaaS), Platform as a Service(PaaS) and Software as a Service(SaaS)) as these utility services over the Internet. It has become very popular among the Internet users because through cloud computing users can share multiple resources, get higher bandwidth, more computational power and very large space to store their data. As the environment of cloud computing is quite large, it becomes very vulnerable to security threats and attacks. The versatility of cloud users makes cloud computing vulnerable because different type of users
contains multiple operating system, set of protocols and firewalls. For cloud services it is very necessary to protect the cloud user data as well as services own data. ISO 9126 software engineering document describes different features required for assuring the quality of any software. Functionality is the foremost desired quality with access control as one of its essential characteristics. So to get uninterrupted high quality cloud services and protect it
from the above mentioned and other threats, attacks and vulnerabilities, we proposed a hybrid trust access control framework. In this work, a mutual trust based access control model has been proposed that determines the trust for the most important participating entities in the cloud - users and service entities. It has two main control modules-user trust computation module and service entity trust computation module. The main focus of this work is to decide
access for user using computed trust value and device appropriate cloud service entity to be selected for the user based on his preference.