Enhanced role-based access control for cloud security

Abstract

There has been significant work done on access control previously. The proposed access control system is aiming at providing more security to enterprise resource on cloud by limiting the access of resources. Each enterprise has a different hierarchical structure based on their organizational policy. This organizational hierarchy is built using various roles that are interdependent on each other. Therefore, instead of defining the access policy for each user, the system defines access for each role. There are many standards which are available for access control such as XACML and SAML. The proposed system uses the concept of XACML for designing the policies. In addition to this feature, the system has a role request module that enables the user to hold other roles as well. This project provides a security solution via RBAC system for cloud security (RBACcs) to improve the security of data on cloud. This paper shows how the existing security standards such as XACML can be used to create and manage the policies of RBACcs. These policies are defined and designed according to current business scenario. The paper also studies the existing work done on cloud security and gives a comparative study between the proposed and the existing systems. In the end, we also proposed a few extensions to the existing system that can be made based on the security needs.