Review and Analysis of Access Control Mechanism for Cloud Data Centres

  • Ajay Kumar Dubey
  • Vimal Mishra
Conference paper
Part of the Algorithms for Intelligent Systems book series (AIS)


Nowadays the cloud is very useful for providing many IT services. These services are delivered over the internet and accessed globally with the help of internet. The cloud service provider ensures flexibility in provisioning and scaling of resources. The cloud services are completely managed by cloud service provider (CSP), which ensures the end to end availability, reliability and security of the cloud resources. The exponential growth of cloud services has provided many opportunities but has also perplexed severe security concerns. The popularity of cloud service-based applications is rapidly increasing due to which many security and legal issues are arising. In this paper, we reviewed the existing access control method and framework for cloud data centres. The different concept of reputation and attribute-based access control system has been analyzed. This review of access control approach is helpful in designing of new access control framework and to mitigate the challenges in security concerns.


Cloud computing Reputation Crowdsourcing Crowdreviewing Crowd voting 


  1. 1.
    Song R, Korba L, Yee G (2006) Pseudonym technology for e-services. In: Privacy protection for E-services. IGI Global, pp 141–171Google Scholar
  2. 2.
    Miconi A, Rainie L, Wellman B (2013) Networked: the new social operating system. Int J Commun 7:6Google Scholar
  3. 3.
    Abhishek T, Tahmasbi N, Khazanchi D, Najjar L (2014) Crowdsourcing typology: a review of is research and organizations. In: Proceedings of the Midwest Association for Information Systems (MWAIS)Google Scholar
  4. 4.
    Wang B, Li B, Li H (2014) Oruta: privacy-preserving public auditing for shared data in the cloud. IEEE Trans Cloud Comput 2(1):43–56MathSciNetCrossRefGoogle Scholar
  5. 5.
    Ruohomaa S, Kutvonen L, Koutrouli E (2007) Reputation management survey. In: The second international conference on availability, reliability and security (ARES’07). IEEE, pp 103–111Google Scholar
  6. 6.
    Samarati P, de Vimercati SC (2000) Access control: policies, models, and mechanisms. In: International school on foundations of security analysis and design. Springer, Heidelberg, pp 137–196CrossRefGoogle Scholar
  7. 7.
    Sandhu R, Samarati P (1996) Authentication, access control, and audit. ACM Comput Surv (CSUR) 28(1):241–243CrossRefGoogle Scholar
  8. 8.
    Leune CJ et al (2007) Access control and service-oriented architectures. Technical report, Tilburg University, School of Economics and ManagementGoogle Scholar
  9. 9.
    Chen X, Berry D, Grimson W (2009) Identity management to support access control in e-health systems. In: 4th European conference of the international federation for medical and biological engineering. Springer, Heidelberg, pp 880–886Google Scholar
  10. 10.
    Karp AH (2006) Authorization-based access control for the services oriented architecture. In: Fourth international conference on creating, connecting and collaborating through computing (C5’06). IEEE, pp 160–167Google Scholar
  11. 11.
    Carminati B, Ferrari E, Perego A (2006) Rule-based access control for social networks. In: OTM confederated international conferences on the move to meaningful internet systems. Springer, Heidelberg, pp 1734–1744CrossRefGoogle Scholar
  12. 12.
    Demchenko Y, Gommans L, Tokmakoff A, van Buuren R (2006) Policy based access control in dynamic grid-based collaborative environment. In: International symposium on collaborative technologies and systems (CTS’06). IEEE, pp 64–73Google Scholar
  13. 13.
    Reddivari P, Finin T, Joshi A et al Policy-based access control for an RDF store. In: Proceedings of the IJCAI-07 workshop on semantic web for collaborative knowledge acquisition, 2007Google Scholar
  14. 14.
    Sandhu R, Munawer Q (1998) How to do discretionary access control using roles. In: Proceedings of the third ACM workshop on role-based access control. ACM, New York, pp 47–54Google Scholar
  15. 15.
    Downs DD, Rub JR, Kung KC, Jordan CS (1985) Issues in discretionary access control. In: 1985 IEEE symposium on security and privacy. IEEE, pp 208–208Google Scholar
  16. 16.
    McCune JM, Jaeger T, Berger S, Caceres R, Sailer R (2006) Shamon: a system for distributed mandatory access control. In: 2006 22nd annual computer security applications conference (ACSAC’06). IEEE, pp 23–32Google Scholar
  17. 17.
    Park JS, Sandhu R, Ahn G-J (2001) Role-based access control on the web. ACM Trans Inf Syst Secur (TISSEC) 4(1):37–71CrossRefGoogle Scholar
  18. 18.
    Mitseva A, Imine M, Prasad NR (2006) Context-aware privacy protection with profile management. In: Proceedings of the 4th international workshop on wireless mobile applications and services on WLAN hotspots. ACM, New York, pp 53–62Google Scholar
  19. 19.
    Boutaba R, Aib I (2007) Policy-based management: a historical perspective. J Netw Syst Manage 15(4):447–480CrossRefGoogle Scholar
  20. 20.
    Mulimani M, Rachh R (2016) Analysis of access control methods in cloud computingGoogle Scholar
  21. 21.
    Aluvalu RK, Muddana L (2015) A survey on access control models in cloud computing. In: Emerging ICT for bridging the future-proceedings of the 49th annual convention of the computer society of India (CSI), vol 1. Springer, Heidelberg, pp 653–664Google Scholar
  22. 22.
    Demchenko Y, Ngo C, de Laat C, Lee C (2014) Federated access control in heterogeneous intercloud environment: basic models and architecture patterns. In: 2014 IEEE international conference on cloud engineering. IEEE, pp 439–445Google Scholar
  23. 23.
    Zhou L, Varadharajan V, Hitchens M (2015) Trust enhanced cryptographic role-based access control for secure cloud data storage. IEEE Trans Inf Forensics Secur 10(11):2381–2395CrossRefGoogle Scholar
  24. 24.
    Zhou L, Varadharajan V, Hitchens M (2014) Secure administration of cryptographic role-based access control for large-scale cloud storage systems. J Comput Syst Sci 80(8):1518–1533MathSciNetCrossRefGoogle Scholar
  25. 25.
    Sutcu Y, Li Q, Memon N (2007) Protecting biometric templates with sketch: theory and practice. IEEE Trans Inf Forensics Secur 2(3):503–512CrossRefGoogle Scholar
  26. 26.
    Papaioannou TG, Stamoulis GD (2004) Effective use of reputation in peer to-peer environments. In: IEEE international symposium on cluster computing and the grid, 2004, CCGrid 2004. IEEE, pp 259–268Google Scholar
  27. 27.
    Resnick P, Zeckhauser R, Swanson J, Lockwood K (2006) The value of reputation on ebay: a controlled experiment. Exp Econ 9(2):79–101CrossRefGoogle Scholar
  28. 28.
    Donghong S, Wu L, Ping R, Ke L (2016) Reputation and attribute based dynamic access control framework in cloud computing environment for privacy protection. In: 2016 12th international conference on natural computation, fuzzy systems and knowledge discovery (ICNC-FSKD). IEEE, pp 1239–1245Google Scholar

Copyright information

© Springer Nature Singapore Pte Ltd. 2020

Authors and Affiliations

  1. 1.Dr. APJ Abdul Kalam Technical UniversityLucknowIndia
  2. 2.Institute of Engineering and Rural TechnologyPrayagrajIndia

Personalised recommendations