%A ZHAO Peng, WU Li-fa, HONG Zheng %T Research on Broker Based Multicloud Access Control Model %0 Journal Article %D 2019 %J Computer Science %R 10.11896/jsjkx.190300112 %P 123-129 %V 46 %N 11 %U {https://www.jsjkx.com/CN/abstract/article_18609.shtml} %8 2019-11-15 %X Multicloud is increasingly accepted by industry and has great promotional value and development potential,since it combines cloud resources in a provider-independent way and there is no need to change the provider’s original technology solutions and operation model.Cloud broker provides transparent service for providers and users,composes the resource of cloud providers on demand,and reduces the difficulty of Multicloud collaboration,the risk of vendor lock-in and the cost of cloud user.However,the loss of trust and the heterogeneity of access control policy among cloud providers can easily cause security problems,such as privacy leakage and data loss,and affect the promotion and application of Multicloud seriously.Based on the factors,such as trust,context and SLA,Multicloud access control model (MC-ABAC) was proposed.Firstly,the framework of MC-ABAC is constructed to collaborate in Multicloud environments,which consists of Virtual Resource Manager (VRM),Access Control Manager (ACM) and Cloud Access Control Broker (CACB).Secondly,MC-ABAC is designed to achieve trust measurement of cloud providers and authorization management in Multicloud.This model defines subject,resource,environment and operation,and formalizes trust,context,SLA and authorization.Thirdly,the workflow of MC-ABAC is designed to access the resource of multicloud from local provider and CACB respectively.Finally,the simulation environment of MC-ABAC is built by using CloudSim 4.0 and OpenAZ,and used to verify the availability,such as the success rate and the response time of the request.The results show the request success rate of MC-ABAC is about 18% higher than that of ABAC,and whose average response time is better than that of ABAC,when MC-ABAC is used normally and the number of requests is large.