Cloud MA-MOrBAC: A Cloud Distributed Access Control Model Based on Mobile Agents

1 ABSTRACT: Cloud services are designed to provide scalable access to applications, resources and services, and are fully managed by cloud service providers. On-demand cost-effective services are offered such as software as a service, infrastructure as a service and platform as a service. Despite the promising facilities and benefits of these services, most organizations and companies are worried about accepting to use them due to security issues and challenges within the cloud like data security, abuse of cloud services, malicious insiders and cyber-attacks. In order to fulfill organization data security requirements, protect organization assets and win the trust of cloud service consumers, models should be designed to solve organizational and distributed aspects of information usage stored in a cloud and to protect them against unauthorized access and modification. However, various access control models have been developed such as: role-based models, attribute-based encryption models and multi-tenancy models. In spite of such model diversity, cloud dynamic and distributed access control requirements may not be fulfilled, for several reasons: (i) the user-resource relationship is dynamic in the cloud. (ii) Service providers and users are typically not in the same security domain. (iii) The multi-tenant hosting and heterogeneity of security policies. In this paper, a novel access control model using the technology of mobile agents for cloud computing is presented to meet the distributed access control requirements. It aims to protect the sensitive data of cloud service consumers, to guarantee the availability of cloud service providers’ as well as the confidentiality and integrity of costumers’ data and to secure sharing resources.