Access Control Model for Cloud Platforms Using Multi-Tier Graphical Authentication - A Review

Cloud computing is an emerging, on-demand and internetbased technology. It provides variety of services over internet such as, software, hardware, data storage and infrastructure. The cloud platforms are consisted of a larger number of servers along with networking and security appliances connected together. The heavier amounts of data are stored on these cloud platforms. The data accessibility becomes the major issue in the cloud platforms. The existing access control models are based on the Mandatory access control (MAC), Role based access control (RBAC), Rule based access control (RB-RBAC) and Provenance based access control (PBAC), etc. or offered in the various combinations for the effective data access handling on the cloud platforms. We propose a new decentralized access control scheme for secure data storage in clouds that supports anonymous authentication and performs decentralized key management. In the proposed scheme, the cloud verifies the authenticity of the user without knowing the user’s identity before storing data. Our scheme also has the added feature of access control in which only valid users are able to decrypt the stored information. The scheme prevents replay attacks and supports creation, modification and reading data stored in the cloud. We also address user revocation. Moreover, our authentication and access control scheme is decentralized and robust, unlike other access control schemes designed for clouds which are centralized. Extensive security and performance analysis shows that the proposed scheme is highly efficient and resilient against replay attacks. The communication, computation and storage overheads are comparable to centralized approaches. The proposed model will ensure the security, data privacy and rich-user experience by the proposed access model.