Natarajan Meghanathan, Jackson State University, USA

The relationship between users and resources is dynamic in the cloud, and service providers and users are typically not in the same security domain. Identity-based security (e.g., discretionary or mandatory access control models) cannot be used in an open cloud computing environment, where each resource node may not be familiar, or even do not know each other. Users are normally identified by their attributes or characteristics and not by predefined identities. There is often a need for a dynamic access control mechanism to achieve cross-domain authentication. In this paper, we will focus on the following three broad categories of access control models for cloud computing: (1) Role-based models; (2) Attribute-based encryption models and (3) Multi-tenancy models. We will review the existing literature on each of the above access control models and their variants (technical approaches, characteristics, applicability, pros and cons), and identify future research directions for developing access control models for cloud computing environments.

Access Control Models, Role-based Access Control, Attribute-based Encryption Model, Multi-tenancy Model, Cloud Computing