A Client-Centric ASM-Based Approach to Identity Management in Cloud Computing

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNISA, volume 7518)

Abstract

We introduce the concept of an identity management machine (based on ASM) to mitigate problems regarding identity management in cloud computing. We decompose the client-to-cloud interaction into three distinct scenarios and introduce a set of ASM rules for each of them. We first consider a direct client-to-cloud interaction where the identity information stored on the client side is mapped to the identity created on the cloud provider’s IdM system. To enhance privacy, we then introduce the concept of real, obfuscated and partially obfuscated identities. Finally, we take advantage of the increase in standardization in IdM systems by defining the rules necessary to support authentication protocols such as OpenID. Our solution makes no assumptions about the technologies used by the client and the cloud provider. Through abstract functions we allow for a distinct separation between the IdM system of the client and that of the cloud or service provider. Since a user is only required to authenticate once to our system, our solution represents a client-centric single sign-on mechanism for the use of cloud services.



Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Vleju, M.B. (2012). A Client-Centric ASM-Based Approach to Identity Management in Cloud Computing. In: Castano, S., Vassiliadis, P., Lakshmanan, L.V., Lee, M.L. (eds) Advances in Conceptual Modeling. ER 2012. Lecture Notes in Computer Science, vol 7518. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33999-8_5

  • DOI: https://doi.org/10.1007/978-3-642-33999-8_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33998-1

  • Online ISBN: 978-3-642-33999-8

  • eBook Packages: Computer Science, Computer Science (R0)
