Identity Management in Cloud Systems

Chapter in: Security, Privacy and Trust in Cloud Systems

Abstract

Identity management systems are of paramount importance for providing authentication and authorization based on end-user identities, aiming to preserve privacy while at the same time enhancing interoperability across multiple domains.

Correspondence to Ginés Dólera Tormo.

Copyright information

© 2014 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Dólera Tormo, G., Gómez Mármol, F., Martínez Pérez, G. (2014). Identity Management in Cloud Systems. In: Nepal, S., Pathan, M. (eds) Security, Privacy and Trust in Cloud Systems. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38586-5_6

  • DOI: https://doi.org/10.1007/978-3-642-38586-5_6

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-38585-8

  • Online ISBN: 978-3-642-38586-5

  • eBook Packages: Engineering, Engineering (R0)
