CLOUD-CAT: A collaborative access control tool for data outsourced in cloud computing

In a real-world collaborative data sharing scenario in cloud computing, there are multiple users who can access the resource shared by multiple data owners anytime and anywhere. The evolution of user status, roles, and privilege in the federated data sharing environment become even more and more complex to handle. Efficiently managing multiple access control policies and providing appropriate access control to different groups of user are crucially needed in such collaborative and federated environment. This paper presents an administrative tool called CLOUD-CAT to facilitate a flexible, secure, and efficient management of multiple user accesses and multiple access control policies in multi-owner cloud computing environment. CLOUD-CAT is designed and developed based on the integration of Ciphertext Policy-Attribute-based Encryption (CP-ABE) and Role-based Access Control Model (RBAC) access control model. To support policy management, the tool provides secure channel for several data owners to update and administer their access control policies resided at the cloud server. Finally, we present implementation details to demonstrate advanced features and performance analysis of the prototype system.