Distributed Access Control Architecture for Cloud Computing

Cloud computing has specific security challenges: multi-tenancy and virtualization features create risks because physical resources are shared among potentially untrusted tenants. The heterogeneity of services also requires different degrees of granularity in access control mechanisms. This article discusses a distributed architecture based on principles from security management and software engineering to address cloud computing’s security challenges.

A secure and trusted distributed cloud computing infrastructure must meet several authorization requirements: multitenancy, virtualization, secure distributed collaboration, and decentralized administration. The article proposes a distributed architecture that addresses and incorporates these authorization requirements. This cloud architecture can be built using three types of components: a virtual resource manager (VRM), a distributed access control module (ACM), and an SLA.

Read the complete article on http://www.infoq.com/articles/distributed-access-control-architecture-for-cloud-computing