Risk based access control in cloud computing

Abstract

Cloud computing is one of the most trending technologies of today. Most of the resources we use on an everyday basis are stored online as cloud storage. Our files, which have sensitive information, are accessible on valid authentication. When we consider the large scale organizations who host several servers to store their data, we also need to consider the possibility of insider attacks. Data security and integrity is of utmost importance in any organization. Insider attacks mainly focus on exploiting this data. Our model which implements risk based access control takes into consideration several parameters that assess the individual's risk. Access is provided to the user only if his/her risk value is lesser than the threshold risk. Therefore, any possibility of insider threat such as buffer overflow and session hijacking attack is tackled before it occurs. Our model allows a maximum risk of 70% which means that even at the worst case scenario, 30% of the data is still secure. There is a huge potential for future enhancement. � 2015 IEEE.