Secure Identity Management System for Federated Cloud Environment

Cited by: 2
Authors
Habiba, Umme [1]
Masood, Rahat [1]
Shibli, Muhammad Awais [1]
Affiliations
[1] Natl Univ Sci & Technol, Sch Elect Engn & Comp Sci, Islamabad, Pakistan
Source
SOFTWARE ENGINEERING, ARTIFICIAL INTELLIGENCE, NETWORKING AND PARALLEL/DISTRIBUTED COMPUTING | 2015 / Vol. 569
Keywords
Identity management systems; cross-domain identity management; Access right delegation; identity synchronization; Cloud computing; PRIVACY
DOI
10.1007/978-3-319-10389-1_2
Chinese Library Classification number
TP18 [Artificial intelligence theory];
Discipline classification codes
081104 ; 0812 ; 0835 ; 1405 ;
Abstract
Federated Identity Management (FIM) systems are well-known for achieving reliable and effective collaboration among various organizations. Despite numerous benefits, these systems have certain critical weaknesses, such as a lack of security and privacy while disseminating identity credentials (Personally Identifiable Information (PII)) across multiple federated Cloud environments. In addition, FIM systems have limitations in terms of interoperability and lack compliance with international standards, since most of the systems rely on proprietary protocols for the exchange of identity information. In this regard, we propose a secure identity management system for federated Cloud environments that not only ensures the secure management of identity credentials, but also preserves the privacy of Cloud Service Consumers (CSC). Furthermore, the implementation of the proposed system involves state-of-the-art international standards (SCIM, SAML, REST and XACML) to ensure secure, quick and easy sharing and management of identity credentials into, out of and around the Cloud. Further, we have performed a rigorous evaluation of the proposed system using standard evaluation tools such as Scyther and JUnit. The results of our evaluation certify that the presented work ensures the desired features and level of security expected from a secure identity management system for a federated Cloud environment.
Pages: 17-33
Number of pages: 17