Abstract
As the functionality and services provided by cloud computing increase, control access to these services becomes more complex, and more security breaches are generated. This is mainly based on the emergence of new requirements and constraints in the open, dynamic, heterogeneous, and distributed cloud environment. Despite the importance of identifying these requirements for designing and evaluating access control models, the available studies do not provide a rigorous review of these requirements and the mechanisms that fulfill them. The purpose of this study was to conduct a literature review of the published articles that have dealt with cloud access control requirements and techniques. This paper allowed us to answer the following two research questions: What cloud access control security requirements have been presented in the published literature? What access control mechanisms are proposed to fulfill them? This review yielded 21 requirements and nine mechanisms, reported by 20 manuscripts. The identified requirements in this review will help researchers, academics and practitioners assess the effectiveness of cloud access control models and identify gaps that are not addressed in the proposed solutions. In addition, this review showed the current cloud access control mechanisms used to meet these requirements such as access control based on trust, risk, multi-tenant, and attribute encryption.
Highlights
IntroductionAccording to the definition of the National Institute for Standards and Technology (NIST), cloud computing is “ a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” [3]
The identified requirements in this review will help researchers, academics and practitioners assess the effectiveness of cloud access control models and identify gaps that are not addressed in the proposed solutions
The purpose of this paper is to present an integrative review of the research related to the requirements of Access Control Model” (ACM) in the cloud environment and to identify critical gaps that are not met by conventional access control models
Summary
According to the definition of the National Institute for Standards and Technology (NIST), cloud computing is “ a model for enabling convenient, on-demand network access to a shared pool of configurable computing resources (e.g., networks, servers, storage, applications, and services) that can be rapidly provisioned and released with minimal management effort or service provider interaction” [3]. In this definition, the cloud computing paradigm is specified as services working in distributed, open, dynamic, heterogeneous environments.
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
