Securing Cloud Data: An Enhanced Approach through Attribute-Based Access Control Mechanism

Cloud computing is considered one of the most dominant paradigms in the Information Technology (IT) industry these days. It offers new cost-effective services on-demand such as Software as a Service (SaaS), Infrastructure as a Service (IaaS) and Platform as a Service (PaaS). However, with all of these services promising facilities and benefits, there are still a number of challenges associated with utilizing cloud computing such as data security, abuse of cloud services, malicious insider and cyber-attacks. Among all security requirements of cloud computing, access control is one of the fundamental requirements in order to avoid unauthorized access to systems and protect organizations assets. Although, various access control models and policies have been developed such as Attribute based Access Control (ABAC) and Role Based Access Control (RBAC) for different environments, these models may not fulfil cloud’s access control requirements. In this paper, an enhanced attribute-based access control based on strategy mechanism is proposed by introducing a strategy for providing access control to the users in the cloud environment.