摘要
Cloud computing belongs to a set of policies,protocols,technologies through which one can access shared resources such as storage,applications,net-works,and services at relatively low cost.Despite the tremendous advantages of cloud computing,one big threat which must be taken care of is data security in the cloud.There are a dozen of threats that we are being exposed to while avail-ing cloud services.Insufficient identity and access management,insecure inter-faces and Applications interfaces(APIs),hijacking,advanced persistent threats,data threats,and many more are certain security issues with the cloud platform.APIs and service providers face a huge challenge to ensure the security and integ-rity of both network and data.To overcome these challenges access control mechanisms are employed.Traditional access control mechanisms fail to monitor the user operations on the cloud platform and are prone to attacks like IP spoofing and other attacks that impact the integrity of the data.For ensuring data integrity on cloud platforms,access control mechanisms should go beyond authentication,identification,and authorization.Thus,in this work,a trust-based access control mechanism is proposed that analyzes the data of the user behavior,network beha-vior,demand behavior,and security behavior for computing trust value before granting user access.The method that computes thefinal trust value makes use of the fuzzy logic algorithm.The trust value-based policies are defined for the access control mechanism and based on the trust value outcome the access control is granted or denied.
