Unified RB-DAC Approach with Secure Authentication Using Smart Card Architecture

There has been recently considerable interest in Role-Based Access Control (RBAC) as an alternative to traditional DAC and MAC access control schemes. The interest in RBAC is due to its simplicity in implementation, since it adapts to the working environment of any organization effortlessly. Every cloud computing resource subjects are categorically divided into the predefined roles and policies are defined for each role. Hence the RBAC is defined as a mapping between user to roles and the roles to privileges making the access control design simple, adaptable and easily implementable. DAC scheme provides complete control to the owner of the object on the decision of access control using access control matrix and list. The problem in the present RBAC scheme is that all subjects who are in same role can access the data specified for that particular role, but we can´t specify data for any particular subject in a particular role. Our system combines the concept of ACL (Access Control List) & ACM (Access Control Matrix) of DAC with the RBAC to enhance the data integrity in RBAC. Thus to achieve this, we have to add ACL to all the objects (data) and ACM to all the objects (roles) in the system, this restricts other subjects of the same role from accessing one particular subject´s data.