Using the Pairing Function for Distributed Access Control in Cloud Computing

Abstract

Access control has vital significance in cloud computing, where data files are stored in the cloud server. In current schemes, the cloud server typically needs to consult the backend authorization server, when processing access control request from data users. This will put a heavy burden on the authorization server, and therefore introduce Denial-of-Service attack on it. To address this issue, this paper models the access control requirement in cloud computing, and designs a distributed access control scheme. Its security features and efficiency are analyzed. The results show that our scheme is quite improved, because it separates the authorization process from the access control process, and releases the authorization server from the access control process. By doing so, the burden on the authorization server is reduced, and the Denial-of-Service attacks on it during access control process are avoided.