User Centric Access control policy management framework for Cloud applications

Abstract

Cloud computing environment is a collection of various Cloud applications deployed by different Cloud service vendors for their customers. The online availability, variety and easy access of Cloud applications allow users to create, upload and store numerous resources across the Cloud. However, Protection of these resources from different security threats in Cloud environment is still a serious concern for the Cloud users. Cloud applications provide diverse and complex authorization and access control mechanisms to different Cloud users. Moreover, Access control is limited and tightly bound to the functionality of the applications and does not cater the access control requirements of individual users. Securing every resource with different, complex and limited access control solutions is a tedious task and results in poorly protected resources susceptible to unauthorized access and different other security threats. A new approach to access control in Cloud environment is presented in this paper. It externalizes access control from Cloud applications and enables users to create, and manage access control policies on their resources according to their own security and access control requirements. The framework also provides users with a central control point, standard policy definition language and easy to use interface to specify and manage access control on all their resources scattered across the Cloud. We presented the framework and described the protocol which defines the interaction between different components of the system to specify and enforce User-Centric policies using XACML standards.