Int. J. Grid and Utility Computing, Vol. 6, Nos. 3/4, 2015 133 Copyright © 2015 Inderscience Enterprises Ltd. Collective advancements on access control scheme for multi-authority cloud storage system Balamurugan Balusamy* School of Information Technology and Engineering (SITE), VIT University, Vellore 632014, Tamil Nadu, India Email: balamuruganb@vit.ac.in *Corresponding author P. Venkata Krishna School of Computing Science and Engineering (SCSE), VIT University, Vellore 632014, Tamil Nadu, India Email: pvenkatakrishna@vit.ac.in Abstract: In this information age, the amount of data generated by an individual and organisation is increasing exponentially. Cloud computing has come as a rescue to store and compute the data efficiently at a low cost. On the other hand, according to cloud security alliance, the threats and vulnerabilities related to cloud computing are on the rise and they may reach an uncontrollable level if cloud security inhabits the same shape. Attribute-based encryption techniques are used in several critical applications for data access control. Our proposed work enhances the security of (DAC-MAC) during the user registration phase by the advent of digital signature over user credentials for avoiding man-in- the-middle attack and providing non-repudiation during user registration phase. Secondly, a verification scheme based on user-privilege list for file access request is included. Lastly, by logging the user behaviours in the separate database table, the authenticity of the access node can be verified, monitored and DDoS attack can be nullified. The framework could be used for IaaS application. Keywords: attribute-based encryption techniques; man-in-the-middle-attack; non-repudiation; user-privilege list; DDoS attack. Reference to this paper should be made as follows: Balusamy, B. and Venkata Krishna, P. (2015) ‘Collective advancements on access control scheme for multi-authority cloud storage system’, Int. J. Grid and Utility Computing, Vol. 6, Nos. 3/4, pp.133–142. Biographical notes: Balamurugan Balusamy received his BTech (Computer Science) from Bharathidasan University and MTech (Computer Science) from Anna University in 2005. He pursued his PhD and works as a faculty in VIT University, India. His research interests include cloud access control, cloud computing and cloud security. P. Venkata Krishna is a Professor at School of Computing Science and Engineering, VIT University, Vellore, India. He received his BTech in Electronics and Communication Engineering from Sri Venkateswara University, Tirupathi, India, MTech in Computer Science & Engineering from REC, Calicut, India and PhD from VIT University, Vellore, India. His current research interests include mobile and wireless systems, cross layer wireless network design and grid computing. 1 Introduction As per the NIST definition, cloud computing is a paradigm which enables the ideal and on-demand access to the collective pool of various resources with the ease of provisioning releasing the service with scalability and elasticity (Mell and Grance, 2011). The cloud data storage needs the trust of the data owners or users to handle their data to the third-party cloud server. But since the data is stored in the third-party server located at an unknown