Author : Salil Ajgaonkar, Harish Indalkar and Jaya Jeswani

Cloud computing is a new generation technology that provides a number of services with great efficiency and performance by removing any forms of restrictions imposed by the limitations of user’s hardware and software. However such an advanced technology comes with a risk of having loop holes in its sophisticated design that makes the system vulnerable to attacks and failure in its purpose of design. Thus security forms one of the important aspects in cloud computing. One of the most fundamental requirements in cloud computing is access control which has the paramount responsibility of providing smooth and easy access to authorized users as well as, at the same time, preventing access to any unauthorized users. Not only users but the system is also prone to insider attacks by those who are familiar with the architecture of the system. Traditional models like Mandatory access model (MAC) and Discretionary access model (DAC) may prove suitable for applications run on computer hardware but not for cloud computing applications. This paper presents a detailed analysis for access control in cloud computing, points out certain requirements not met by conventional access control model and a possible solution to these drawbacks.

Keywords: Cloud computing, Security, Access Control, Roles, Task, Insider Attacks, Encryption, Cryptography

Article published in International Journal of Current Engineering and Technology, Vol.5, No.2 (April-2015)