IJCSN.pdf

Cloud computing is considered as the one of the most dominant paradigm in the field of information technology which offers on demand cost effective services such as Software as a service (SAAS), Infrastructure as a service (IAAS) and Platform as a service (PAAS).Provisioning all these services as it is, this cloud computing associates with number of challenges such as data security, abuse of cloud services, malicious insider and cyber-attacks. Among all these security requirements of cloud, access control is the one of the prominent requirement in order to avoid unauthorized access to data stored in the cloud. Main objective of this research is to review the existing methods of cloud access control models and their variants pros and cons and to identify further related research directions for developing an improved access control model for cloud data storage. We have presented detailed access control requirement analysis for cloud computing and have identified important gaps, which are not fulfilled by conventional access control models. As the final outcome of the study we have come up with an improved access control model with hybrid cryptographic schema and hybrid cloud architecture and practical implementation of it. Finally we have tested our proposed model for security implications, performance, functionality and data integrity to prove the validity. We have used advanced encryption standard (AES) which is a private key algorithm and Rivest–Shamir– Adleman (RSA) public key algorithm to implement the cryptographic schema and used public and private cloud to enforce our access control security and reliability. By validating and testing we have proved that our model can withstand against most of the cyber-attacks in real cloud environment. Thus it has improved capabilities compared with other previous access control models that we have reviewed through the literature.