An Attribute-Role Based Access Control Mechanism for Multi-tenancy Cloud Environment

摘要

Because of the rapid development of software technology, many enterprises require more high-performance hardware to enhance their competitiveness. Cloud computing is the result of distributed computing, grid computing and is gradually being seen as the future solution to the companies. Cloud computing can virtualize existing software and hardware to reduce costs. Thus, enterprises only require high Internet bandwidth and devices to access cloud service on the Internet. This would decrease many overhead costs and reduce IT staff requirement. A cloud environment provider provides many companies to rent a cloud service simultaneously in the provider's cloud, the technology is named multi-tenancy cloud service. However, how to access resource safely is an important topic if user want to adopt multi-tenancy cloud computing technology. The cloud-computing environment is vulnerable to network-related attacks. This research uses role-based access control authorization mechanism concept and combines it with attribute based access control to determine which tenant that user can access. The enhanced authorization mechanism can improve the safety of cloud computing services and protected the data secret.