Every time an Id is issued to a participant in hyperledger, a card gets generated and imported to the network. by default imported card gets stored in home/.composer/cards directory. So, anyone having access to machine can have access to those cards. Similar with the case when cards get stored on the cloud storage. Is there any provision in hyperledger to restrict the access to those card?
No there isn't. You need to choose the appropriate way for you for storing cards and secure that location in whatever way you deem necessary. As you have seen there are various cloud wallets to provide alternative locations of storage, but you can also develop your own cloud wallet which meets your needs if required. Examples of cloud wallet implementations can be found at https://github.com/hyperledger/composer-tools