**6. Conclusions**

*Quality Control - Intelligent Manufacturing, Robust Design and Charts*

5.5% for extending the default nova access control when forward-reasoning has been utilized whereas an increase of 4% over the default nova when 24-attributes

**Experiment 2 - Experiment 1 Experiment 3 - Experiment 1**

−0.02 −0.05 −0.03 −0.12 −0.13

Average −0.07

Percentage −5.5%

From these results, the **ABACsh** shows an acceptable performance compared to the default OpenStack access control within nova service. This section demonstrates the enhanced attribute-based access control **ABACsh** performance improvement when attributes and forward reasoning algorithm are employed. It has been noticed that the performance improvement is liner in **Figure 10** when only attributes are involved in access decision. Whereas in **Figure 11** when forward reasoning is involved, an improvement in performance has been noticed. This indicates an opportunity of enhancing the IaaS-cloud security when logical reasoning and

The main aim of the experiments in this chapter is to study the performance improvement when attribute-based access control model is introduced into IaaS cloud. The experiment scale is limited to a private cloud in a LAN set-up. Therefore, the network performance metrics has not been studied such as the latency and throughput. The implementation in this chapter does not involve the PIP component of the access control, therefore only a simple forward reasoning algorithm has been deployed without knowledge update component. The used database for knowledge is written manually whereas the system should use an automated information collection method if PIP is implemented. One subject is involved in

are used in the policy-engine as illustrated in **Table 6**.

AI mechanism are involved in access control system.

*5.4.6 Experiments limitations*

**52**

**Figure 11.**

0.02 −0.02 0.06 −0.02 0.01

Average 0.05

Percentage 4%

*Comparing sys-time values.*

**Table 6.**

*Sys-time for access control processing in nova.*

This Chapter is focusing on the problem of deploying access control in a dynamic environment. Access control is one of the information security principles where the system user access is controlled through an access policy. In the cybersecurity world where systems and devices are distributed in different locations, there is a need to have an access control model that is able to cope with a dynamic environment where new users with different privileges are joining and leaving the system.

This chapter is proposing to deploy an enhanced version of attribute-based access-control named **ABACsh.** This model is deploying knowledge base category of AI. A proof of concept is implemented in the cloud computing environment to measure the performance and the visibility of such a deployment.
