Privacy-Preserving Identity Management as a Service

Nuñez, David; Agudo, Isaac; Lopez, Javier

doi:10.1007/978-3-319-17199-9_5

David Nuñez¹⁵,
Isaac Agudo¹⁵ &
Javier Lopez¹⁵

Part of the book series: Lecture Notes in Computer Science ((LNSC,volume 8937))

Included in the following conference series:

Summer School on Accountability and Security in the Cloud

1427 Accesses

Abstract

In this paper we tackle the problem of privacy and confidentiality in Identity Management as a Service (IDaaS). The adoption of cloud computing technologies by organizations has fostered the externalization of the identity management processes, shaping the concept of Identity Management as a Service. However, as it has happened to other cloud-based services, the cloud poses serious risks to the users, since they lose the control over their data. As part of this work, we analyze these concerns and present a model for privacy-preserving IDaaS, called \(\mathsf {BlindIdM}\), which is designed to provide data privacy protection through the use of cryptographic safeguards.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution

Chapter: USD 29.95; Price excludes VAT (USA)

eBook: USD 39.99; Price excludes VAT (USA)

Softcover Book: USD 54.99; Price excludes VAT (USA)

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

Nuñez, D., Agudo, I.: BlindIdM: a privacy-preserving approach for identity management as a service. Int. J. Inf. Secur. 13(2), 199–215 (2014)
Article Google Scholar
Dey, A., Weis, S.: PseudoID: enhancing privacy in federated login. In: Hot Topics in Privacy Enhancing Technologies, pp. 95–107 (2010)
Google Scholar
Chow, S., He, Y.J., Hui, L., Yiu, S.: SPICE – simple privacy-preserving identity-management for cloud environment. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 526–543. Springer, Heidelberg (2012)
Chapter Google Scholar
Bertino, E., Paci, F., Ferrini, R., Shang, N.: Privacy-preserving digital identity management for cloud computing. Bull. IEEE Comput. Soc. Tech. Committee Data Eng. 32(1), 21–27 (2009)
Google Scholar
Angin, P., Bhargava, B., Ranchal, R., Singh, N., Othmane, L.B., Lilien, L., Linderman, M.: An entity-centric approach for privacy and identity management in cloud computing. In: 29th IEEE Symposium on Reliable Distributed Systems, pp. 177–183 (2010)
Google Scholar
Casassa Mont, M., Pearson, S., Bramhall, P.: Towards accountable management of identity and privacy: sticky policies and enforceable tracing services. In: Proceeding 14th International Workshop on Database and Expert Systems Applications, pp. 377–382. IEEE (2003)
Google Scholar
Cloud Security Alliance. Top threats to cloud computing, version 1.0 (2010)
Google Scholar
Agudo, I., Nuñez, D., Giammatteo, G., Rizomiliotis, P., Lambrinoudakis, C.: Cryptography goes to the cloud. In: Lee, C., Seigneur, J.-M., Park, J.J., Wagner, R.R. (eds.) STA 2011 Workshops. CCIS, vol. 187, pp. 190–197. Springer, Heidelberg (2011)
Chapter Google Scholar
Fowler, G.A., Barrett, D., Schechner, S.: U.S. shuts offshore file-share ‘locker’. Wall Street J. (2012)
Google Scholar
OASIS Security Services TC. Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0 (2005)
Google Scholar
Maler, E., Reed, D.: The venn of identity: options and issues in federated identity management. IEEE Secur. Priv. 6(2), 16–23 (2008)
Article Google Scholar
OpenID Authentication 2.0. http://openid.net/specs/openid-authentication-2_0.html
Hardt, D., Bufu, J., Hoyt, J.: OpenID Attribute Exchange 1.0. http://openid.net/specs/openid-attribute-exchange-1_0.html
OASIS Security Services TC. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 (2005)
Google Scholar
Nunez, D., Agudo, I., Lopez, J.: Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services. In: 4th IEEE International Conference on Cloud Computing Technology and Science (CloudCom), pp. 241–248. IEEE (2012)
Google Scholar
De Caro, A., Iovino, V.: jPBC: java pairing based cryptography. In: Proceedings of the 16th IEEE Symposium on Computers and Communications, ISCC 2011, pp. 850–855. IEEE (2011)
Google Scholar

Download references

Acknowledgements

This work was partly supported by the Junta de Andalucía through the project FISICCO (P11-TIC-07223). The first author has been funded by a FPI fellowship from the Junta de Andalucía through the project PISCIS (P10-TIC-06334).

Author information

Authors and Affiliations

Universidad de Málaga, Málaga, Spain
David Nuñez, Isaac Agudo & Javier Lopez

Authors

David Nuñez
View author publications
You can also search for this author in PubMed Google Scholar
Isaac Agudo
View author publications
You can also search for this author in PubMed Google Scholar
Javier Lopez
View author publications
You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to David Nuñez .

Editor information

Editors and Affiliations

HP Labs, Bristol, United Kingdom
Massimo Felici
University of Malaga, Malaga, Spain
Carmen Fernández-Gago

Rights and permissions

Reprints and permissions

Copyright information

About this chapter

Cite this chapter

Nuñez, D., Agudo, I., Lopez, J. (2015). Privacy-Preserving Identity Management as a Service. In: Felici, M., Fernández-Gago, C. (eds) Accountability and Security in the Cloud. A4Cloud 2014. Lecture Notes in Computer Science(), vol 8937. Springer, Cham. https://doi.org/10.1007/978-3-319-17199-9_5

Download citation

DOI: https://doi.org/10.1007/978-3-319-17199-9_5
Published: 01 April 2015
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-17198-2
Online ISBN: 978-3-319-17199-9
eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics