An Updateable Token-Based Schema for Authentication and Access Management in Clouds

Cloud computing is getting universally in production and hence, comprising more valuable information resources. Therefore, providing a secure infrastructure to exchange information is more vital and inevitable. Attackers are looking for a way to penetrate these systems and exploit various techniques, such as account hijack and denial of service attacks, to obtain the information or develop a disorder in the system. The creation of treat models helps to identify the vulnerabilities, prevent potential attacks, and consider appropriate mechanisms to mitigate them. One of these mechanisms is the access control list and the role-based access control list is one of its variants that defines some user groups and allocates resources to specific groups. Token-based authentication is another mechanism which helps to maintain security. When a user requests to access a resource, initially it must be authenticated by a username and represents a token. In this effort, by using the concept of role-based access control and JSON web token framework, a customized framework is proposed and implemented with a higher level of security in comparison to a standard JSON web token framework. Moreover, this proposal has the ability to update the status of access to resources in case of changing access policies by the policy engine.