Analysis of Common Access Control Models and Their Limitations in Cloud Computing Environment

When it comes to relying on cloud computing, security and privacy has always been a serious concern. Replacing cloud computing with traditional means of computing is a huge risk especially for enterprises which value security the most. Due to the resource sharing nature of cloud and diverse groups of users, restricting access to resources appears to be the only way to protect information against unauthorized access. Allowing activities of legitimate users, requires a selective restriction of access to resources which can be enforced through an appropriate access control mechanism. In this paper, we will compare different access control models that are used in cloud computing namely Discretionary Access Control (DAC), Mandatory Access Control (MAC), Role Based Access Control (RBAC) and Attribute Based Access Control (ABAC) and discuss the limitations of each model.