Abstract
Along with the rapid growth in adoption of cloud services, there have been developments towards a new emerging concept, called Identity Management as a Service. As the internal IT systems were not designed for externals, the IT solutions from the cloud can solve the challenges of connecting the enterprises to the outer world and consequently, bring all the benefits of the cloud-based services to them.
However, the other side of the coin of moving towards outsourcing identity infrastructure is a set of privacy and security challenges that cannot be neglected. In this paper, we propose an architectural model based on Privacy Preserving Attribute-based Credentials, and show how we can benefit from the advantages of Privacy-ABCs to help the concept of Identity Management as a Service, and address the privacy concerns that it raises.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
The NIST Definition of Cloud Computing, http://csrc.nist.gov/publications/nistpubs/800-145/SP800-145.pdf
Harms, R., Yamartino, M.: The economics of the Cloud, http://www.microsoft.com/en-us/news/presskits/cloud/docs/the-economics-of-the-cloud.pdf
The adoption of cloud-based services, http://www.ca.com/es/media/files/industryanalystreports/the-adoption-of-cloud-based-services-increasing-confidence-through-effective-security.pdf
Office 365, http://www.office365.com/
Google Apps, http://www.google.com/apps
The future of cloud computing, 3rd annual survey (2013), http://www.northbridge.com/2013-cloud-computing-survey
Gopalakrishnan, A.: Cloud computing identity management. SETLabs briefings 7(7), 45–54 (2009)
Digital identities and the open business, http://www.ca.com/cn//media/files/industryresearch/quocirca-digital-identities.pdf
Alliance, C.: Security guidance for critical areas of focus in cloud computing v3. 0. Cloud Security Alliance (2011)
Nunez, D., Agudo, I., Lopez, J.: Integrating openid with proxy re-encryption to enhance privacy in cloud-based identity services. In: 2012 IEEE 4th International Conference on Cloud Computing Technology and Science (CloudCom), pp. 241–248 (2012)
Brodkin, J.: Gartner: Seven cloud-computing security risks (2008)
Pearson, S., Benameur, A.: Privacy, security and trust issues arising from cloud computing. In: 2010 IEEE Second International Conference on Cloud Computing Technology and Science (CloudCom), pp. 693–702 (2010)
Takabi, H., Joshi, J., Ahn, G.-J.: Security and privacy challenges in cloud computing environments. IEEE Security Privacy 8(6), 24–31 (2010)
Angin, P., Bhargava, B., Ranchal, R., Singh, N., Linderman, M., Ben Othmane, L., Lilien, L.: An entity-centric approach for privacy and identity management in cloud computing. In: 2010 29th IEEE Symposium on Reliable Distributed Systems, pp. 177–183. IEEE (2010)
Architecture serving complex Identity Infrastructures, http://www.trustindigitallife.eu/actor/tdl-publications.html
Chow, S., He, Y.-J., Hui, L., Yiu, S.: Spice simple privacy-preserving identity-management for cloud environment. In: Bao, F., Samarati, P., Zhou, J. (eds.) ACNS 2012. LNCS, vol. 7341, pp. 526–543. Springer, Heidelberg (2012), http://dx.doi.org/10.1007/978-3-642-31284-7_31
Bertino, E., Paci, F., Ferrini, R., Shang, N.: Privacy-preserving digital identity management for cloud computing. IEEE Data Eng. Bull. 32(1), 21–27 (2009)
Sabouri, A., Krontiris, I., Rannenberg, K.: Attribute-based credentials for trust (ABC4Trust). In: Fischer-Hübner, S., Katsikas, S., Quirchmayr, G. (eds.) TrustBus 2012. LNCS, vol. 7449, pp. 218–219. Springer, Heidelberg (2012)
Chaum, D.L.: Untraceable electronic mail, return addresses, and digital pseudonyms. Communications of the ACM 24(2), 84–90 (1981)
Belenkiy, M., Camenisch, J., Chase, M., Kohlweiss, M., Lysyanskaya, A., Shacham, H.: Randomizable proofs and delegatable anonymous credentials. In: Halevi, S. (ed.) CRYPTO 2009. LNCS, vol. 5677, pp. 108–125. Springer, Heidelberg (2009)
Brands, S.A.: Rethinking public key infrastructures and digital certificates: building in privacy. MIT Press (2000)
Camenisch, J.L., Lysyanskaya, A.: An efficient system for non-transferable anonymous credentials with optional anonymity revocation. In: Pfitzmann, B. (ed.) EUROCRYPT 2001. LNCS, vol. 2045, pp. 93–118. Springer, Heidelberg (2001)
Camenisch, J.L., Lysyanskaya, A.: Signature schemes and anonymous credentials from bilinear maps. In: Franklin, M. (ed.) CRYPTO 2004. LNCS, vol. 3152, pp. 56–72. Springer, Heidelberg (2004)
Camenisch, J., Dubovitskaya, M., Lehmann, A., Neven, G., Paquin, C., Preiss, F.-S.: Concepts and languages for privacy-preserving attribute-based authentication (2013)
Microsoft U-Prove, http://www.microsoft.com/uprove
Identity Mixer, http://idemix.wordpress.com/
D2.1 Architecture for Attribute-based Credential Technologies Version 1, https://abc4trust.eu/download/ABC4Trust-D2.1-Architecture-V1.pdf
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer International Publishing Switzerland
About this paper
Cite this paper
Sabouri, A., Bjones, R. (2014). Privacy-ABCs to Leverage Identity Management as a Service. In: Preneel, B., Ikonomou, D. (eds) Privacy Technologies and Policy. APF 2014. Lecture Notes in Computer Science, vol 8450. Springer, Cham. https://doi.org/10.1007/978-3-319-06749-0_10
Download citation
DOI: https://doi.org/10.1007/978-3-319-06749-0_10
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-06748-3
Online ISBN: 978-3-319-06749-0
eBook Packages: Computer ScienceComputer Science (R0)