Multi-mode access control strategy making and executing method under cloud environment

The invention discloses a multi-mode access control strategy making and executing method under a cloud environment. According to the data access characteristics in different areas under the cloud environment, and the optimal access control method is selected. By defining an access strategy description language, the making and using rule of access strategies is restrained in a unified mode, and therefore an IBAC, an ABAC and a DABAC work cooperatively, and a data safety guarantee under the cloud environment is achieved. The IBAC is used in a secret area to achieve access control of fine grit, the ABAC is used in a group area so that efficient and expansible access control, a dynamic attribute concept is led in on the basis of existing attribute access control, the access strategies are expressed through a multi-branch-tree structure, a dynamic attribute access control strategy capable of supporting dynamic authorization is designed, and therefore the self-adaption requirement of public area access control can be met.