An effective user revocation for policy-based access control schema in clouds

Cloud computing is becoming a widely adopted technology for delivering On-Demand IT Services via Internet. Despite the rapid advancement of cloud-based environments, security challenges have to be addressed to a greater extent. One of the major issues in modern clouds is to guarantee the privacy and security of resources after the process of user revocation. In fact, each of revocation requests should be mapped to defined security policies of associated resources in the request for evaluation of user revocation process and updating defined policies. Accordingly, an effective user revocation model is presented in this paper for mapping revocation requests to defined policies of associated resources. The proposed model uses a revocation engine associated with three other stand-alone components to guarantee the privacy of affected nodes after user revocation requests. Furthermore, the reliability and efficiency of the suggested schema has been evaluated by a performance, security and competitive analysis.