Secure Identity Management System for Federated Cloud Environment

  • Umme Habiba
  • Rahat Masood
  • Muhammad Awais Shibli
Part of the Studies in Computational Intelligence book series (SCI, volume 569)

Abstract

Federated Identity Management (FIM) systems are well known for achieving reliable and effective collaboration among various organizations. Despite numerous benefits, these systems have certain critical weaknesses, such as a lack of security and privacy while disseminating identity credentials (Personally Identifiable Information (PII)) across multiple federated Cloud environments. In addition, FIM systems have limitations in terms of interoperability and lack compliance with international standards, since most of the systems rely on proprietary protocols for the exchange of identity information. In this regard, we propose a secure identity management system for federated Cloud environments that not only ensures the secure management of identity credentials, but also preserves the privacy of Cloud Service Consumers (CSC). Furthermore, the implementation of the proposed system uses state-of-the-art international standards (SCIM, SAML, REST and XACML) to ensure secure, quick and easy sharing and management of identity credentials in to, out of and around the Cloud. Further, we have performed a rigorous evaluation of the proposed system using standard evaluation tools such as Scyther and JUnit. The results of our evaluation certify that the presented work ensures the desired features and level of security expected from a secure identity management system for a federated Cloud environment.

Keywords

Identity management systems; cross-domain identity management; access right delegation; identity synchronization; Cloud computing

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Umme Habiba (1)
  • Rahat Masood (1)
  • Muhammad Awais Shibli (1)

  1. School of Electrical Engineering & Computer Science, National University of Science & Technology, Islamabad, Pakistan