Dynamic Access Control Model Based on FAHP in Cloud Environment

The characteristic of the cloud computing, resources sharing, determines that user behavior trustworthiness is crucial to the security of cloud resources. However, the traditional access control model (Role Based Access Control, RBAC) is only based on user identity trust and does not consider whether the user behavior is trusted or not, and the authorization mechanism is static, lacking of flexibility. Moreover, the lack of monitoring of user behavior makes it unable to timely detect and prevent the illegal operation of users. In view of the above several problems, this paper improves the traditional RBAC model, introduces the concepts of user trust evaluation and security level to the RBAC, uses the fuzzy analytic hierarchy process (FAHP) to calculate the user trust value, supervise and control the process when the user executes permissions, so as to achieve the purpose of dynamic access control based on user identity trust and behavior trust. The results of validation analysis of the improved model show that the improved RBAC model overcomes the shortcomings of the traditional RBAC model and can better protect the security of cloud resources, with small control granularity and good flexibility.