Indian Journal of Science and Technology

Abstract

Background: Cloud computing provides access to a large scale of resources. Access control is the indispensable requirement for protecting cloud resource. A cloud service provider is responsible for enforcing access control and they normally rely upon conventional access control mechanisms. Methods: These access control policies, consider the access control primitives in separation which may lead to abuse of access control. These aforesaid problems motivated our research to center around the provision of access control by considering the association among the three access control primitives namely the user making access request, resource upon which access is requested and operation performed by the user on the resource. Hence Ontology Centric Access Control (OCAC) is being proposed in this paper. Findings: This OCAC circulates authorization rules among the primitives of access control say subject, object and action by reducing the various associations among the associations among the access control elements; it is observed that there is less chance for security violation. Ontology is used since it reduces the times of agreement while exchanging the authorization policies across the security domains. For reducing the number of statements and rules in policy base, subsumption property is used. This reduces the space and time complexity. Applications/Improvements: We are applying our work to protect bank data as banks are embracing clouds to store huge data by cutting their IT costs.
Keywords: Access Control, Ontology, Cloud Computing, User Ontology, Resource Ontology, Activity Ontology Introduction