A scalable multilabel-based access control as a service for the cloud (SMBACaaS)

Cloud computing is a shared pool area of computing resources, which might be accessed from anywhere and simply by just about anyone. The cloud's invaluable features, such as data availability and reduced hardware costs, have corporations moving their records into it en masse. Still, concerns about data security remain unaddressed because all data are managed and stored by third-party service providers in a pay-as-you-go model. The fundamental problem faced by enterprizes is trustworthy access control, which is normally used to protect resources from unauthorized user accessibility. In this paper, we introduce a new solution to overcome access control problems by implementing a multilabel-based scalable access control as a service for the cloud. The proposed access control can be offered as a cloud service such as Software as a Service, Infrastructure as a Service, and Platform as a Service. These access services are provided by the trusted third party, named the access control provider. From our results and comparative studies with Google Drive, Amazon S3, and OpenStack Swift, our model using the multilabel feature has demonstrated that it is able to enhance consumer privacy, improve access policy protection, and reinforce data security.