Arbiter: a lightweight, secured and enhanced access control mechanism for cloud computing

Abstract

The demand for Cloud computing has been increasing for the past few years due to its significance in the IT industry, cost effectiveness and on demand services. To benefit from this technology, access control mechanism need to be applied to restrict the access to legitimate users and prevent the system from unauthorized access whether coming from people or malicious programs. The increase in the number of unauthorized access recently required more work to reduce it. The main problem is that most of the cloud access control is already built based on weak access control mechanism comparing to other mechanisms. In addition to this weakness, the process of changing it to trust mechanism is complex, expensive and takes a great deal of decision-making. This paper investigates the status of existing access control mechanism in the cloud and provides lightweight, secured, and a new approach based on Mandatory Access Control (MAC) mechanism called Arbiter. The proposed architecture aims to reduce the cost and effort of change the entire operating system to meet the requirement of a trusted system. This paper uses design science methodology to design a technical tool for those who are involved in planning, designing and managing access control in the cloud.