Abstract:
Cloud computing is a promising computing paradigm that has recently drawn extensive attention from both academia and industry. Structured documents play a vital role as information carriers in cloud computing, so secure access to structured documents is a key technology for the quality control of cloud services. Information leakage and unauthorized access to structured documents are a common problem caused by the lack of a multilevel security mechanism in current cloud computing environments. To prevent them, we propose an action-based multilevel access control model (referred to as AMAC) and provide a formal description of its access control policies. We apply noninterference theory from information flow analysis to establish an AMAC noninterference model, and we prove the security of the multilevel access control policies in the AMAC model. Comparison and analysis with existing access control models demonstrate that the AMAC model not only improves the flexibility of access control policies on the basis of roles, contexts and access actions, but also realizes a multilevel security mechanism in terms of the security levels of the user, the access actions and the structured document.