A novel evaluation criteria to cloud based access control models

An access control system is one of the fundamental security requirements of cloud computing in order to avoid unauthorized access to systems and infiltrate organizational assets. Although, various access control models and policies have been developed such as Mandatory Access Control (MAC) and Role Based Access Control (RBAC) for different environments, these models may not fulfil cloud´s access control requirements. This is because cloud computing has a diverse set of users with different sets of security requirements. It also has unique security challenges such as multi-tenant hosting and heterogeneity of security policies, rules and domains. This paper illustrates the basic concepts of access control models and cloud computing. It reviews access control systems primitives and their methodologies. It presents a novel cloud based access control criteria. It has a novel list of properties and factors that can be utilized for assessing and evaluating access control systems in cloud computing environments.