Mediated IBC-Based Management System of Identity and Access in Cloud Computing

Sufyan T. Faraj
Sameeh A. Jassim
Kashif Kifayat

Abstract

Cloud computing is a new technology that provides consumers with dramatically scalable and
virtualized resources, bandwidth, software and hardware on demand. However, cloud computing
introduces serious security problems. One of these major security concerns is the management of
access and identities of the different entities involved in such an environment. This paper proposes a new
system for Identity and Access Management (IAM) based on combining the techniques of Identity-Based
Cryptography (IBC) and security mediated cryptography with the Trusted Cloud (TC) to facilitate the
secure management and access control for cloud computing. IBC is an interesting choice for IAM as it
significantly reduces the key management complexity. On the other hand, mediated cryptography
enables system administrators to achieve access control in a fine-grained manner, while a TC can
provide a Single Sign-On (SSO) ability to users. The paper also presents results of the developed
prototype implementation of the proposed IAM system.


