Abstract
Identity management systems are of paramount importance for providing authentication and authorization based on end-user identities, aiming to preserve privacy while at the same time enhancing interoperability across multiple domains.
© 2014 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Dólera Tormo, G., Gómez Mármol, F., Martínez Pérez, G. (2014). Identity Management in Cloud Systems. In: Nepal, S., Pathan, M. (eds) Security, Privacy and Trust in Cloud Systems. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-38586-5_6
DOI: https://doi.org/10.1007/978-3-642-38586-5_6
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-38585-8
Online ISBN: 978-3-642-38586-5
eBook Packages: Engineering (R0)