Cloud access control in multi-layer cloud networks

Abstract

Multi-layer cloud network is a new paradigm of mobile cloud computing. In multi-layer cloud networks, any device could augment its resources by offloading their tasks to public clouds, private clouds, or even user devices. However, it is difficult to handle access control on data stored in different clouds which may offer various access control mechanisms. In this paper, the cloud access control (CAC) is proposed to provide a universal access control on data, no matter where the data is stored in cloud networks. Data owners could easily specify who, when, and how to access their data in cloud access control expression language (CACEL). Compared to existing expression languages, such as ORDL and XACML, CACEL is more suitable for cloud access control since it is initially designed for protecting data in cloud networks.