Access Control Mechanism for Prevention of insider Threat in Distributed Cloud Environment

Abstract

Cloud computing has revolutionized data storage and ensured availability of data and storage on demand. Employees in a cloud service environment manage data storage, movement, user authorisation policies, etc. Authority given as privileges for managing cloud data to employees has become an insider threat that directly impacts user confidence, company business and company reputation. Various techniques have been proposed in the literature to handle the insider threat, but they remain non-effective as they store insider’s activity analysis in system logs, and the insider is aware of them. This thesis proposes a blockchain-based robust technique for authorisation of log files of insiders in the cloud environment. Insider authentication and activity details are stored in the blockchain. The proposed solution resolves the Insider threat issue by providing access control to system logs. This technique is tested and validated using a scyther formal system tool. Its operational competence has also been tested in python by creating blockchain nodes for multiple users. The issue of achieving better Authorisation control at the architecture level in the cloud environment has also been addressed. Scalability remains the central issue in the existing work. A distributed architecture for better insider Authorisation control in the cloud environment with multiple PEP–PDP servers is proposed to achieve significantly better results in scalability and performance. Insiders manage the PEP and PDP servers, so it is required to track their activity. Better Insider Authorisation in the proposed distributed architecture is acheived in the cloud environment with the use of a Blockchain server / Blockchain Module to store all the messages between PEP and PDP. The proposed protocol's working is verified and tested based on the four claims, alive, nisynch, secret, and commitment in Scyther which proves proposed protocol’s robustness for real-time implementations.