Abstract
We introduce the concept of an identity management machine, based on abstract state machines (ASM), to mitigate problems regarding identity management (IdM) in cloud computing. We decompose the client-to-cloud interaction into three distinct scenarios and introduce a set of ASM rules for each of them. We first consider a direct client-to-cloud interaction where the identity information stored on the client side is mapped to the identity created on the cloud provider’s IdM system. To enhance privacy, we then introduce the concept of real, obfuscated and partially obfuscated identities. Finally, we take advantage of the increasing standardization of IdM systems by defining the rules necessary to support authentication protocols such as OpenID. Our solution makes no assumptions regarding the technologies used by the client and the cloud provider. Through abstract functions we allow for a distinct separation between the IdM system of the client and that of the cloud or service provider. Since a user is only required to authenticate once to our system, our solution represents a client-centric single sign-on mechanism for the use of cloud services.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Vleju, M.B. (2012). A Client-Centric ASM-Based Approach to Identity Management in Cloud Computing. In: Castano, S., Vassiliadis, P., Lakshmanan, L.V., Lee, M.L. (eds) Advances in Conceptual Modeling. ER 2012. Lecture Notes in Computer Science, vol 7518. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33999-8_5
DOI: https://doi.org/10.1007/978-3-642-33999-8_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33998-1
Online ISBN: 978-3-642-33999-8
eBook Packages: Computer Science, Computer Science (R0)