A Dynamic Risk and Role-based Access Control Model in Cloud Computing Environment

With the development of information security technology and cloud computing, role-based access control (RBAC) technology has become a hot research topic in the field of access control and showed a great advantage in many enterprise cloud environment. But the cloud computing network environment is changing all the time, makes the traditional access control models is difficult to ensure the safety of data resources in process of interaction, with introducing the risk concept set on the basis of RBAC model, this paper puts forward a kind of dynamic role based access control (DRBAC) model, the identity authentication and role decision is divided into two levels of authentication mechanism, it identifies whether to allow the access to the target data according to the comprehensive risk brought by the user's risk level, which changes the static authorization of existing access models and improve the performance at the same time.