Attribute based access control in clouds: A survey

Access control ensures that authorized users are able to access data and unauthorized users are unable to access data. Most of the data stored in clouds is highly sensitive. So, it is not only important to control the access of data but hide it from the cloud service provider, which cannot be fully trusted. User based access control models are too restrictive because of the huge user base and often unknown identities of target recipients. Role based model might are not suitable for fine grained access control. Attribute based access control thus provides fine grained access control. A cryptographic primitive known as attribute based encryption (ABE) have been widely used for not only access control but hiding the data from the storage server. ABE has been widely used for access control in cloud. We present a survey of Attribute based access control techniques for clouds, their features, advantages and disadvantages. The problem becomes tricky for mobile device, due to their limited resources. We look at variants of ABAC for mobile clouds. This area of research is very recent and there is a lot of scope of future work, which will also be discussed.