Providing a creditable basis for access control decision-making is not an easy task for the resource pooling, dynamic, and multi-tenant cloud environment. The trust notation can provide this creditable basis, based on multiple factors that can accurately compute the user’s trust for the granting access entity. In this paper, the formal trust model has been introduced, which presents a novel method to provide the basis for granting access. It is based on three factors and their semantic relations, which investigate important measures for the cloud environment. Also, a new Trust-Based Access Control (TB-AC) model has been proposed. The proposed model supports dynamically changing the user’s assigned permissions based on its trust level. In addition, TB-AC ensures secure resource sharing among potential untrusted tenants. TB-AC has been deployed on a separated VM in our private cloud environment, which is built using OpenStack. The experimental results indicated that TB-AC can evaluate access requests within reasonable and acceptable processing times, which is based on the final trust level calculation and the communication between TB-AC and some of the intended OpenStack services. By considering very rough conditions and huge traffic overhead, the final trust level can be calculated in an average time of 200[Formula: see text]ms. Furthermore, the communication overhead between TB-AC and each of Keystone, Nova, and Neutron is very light. Finally, TB-AC has been tested under different scenarios and is provable, usable and scalable.
XACML Implementation Based on Graph Databases
