A Comparative Survey of Cloud Identity Management-Models

  • Conference paper

Part of the book series: Lecture Notes in Business Information Processing (LNBIP, volume 226)

Abstract

Secure identification and authentication are essential processes for protecting access to services or applications. These processes are also crucial in new areas of application such as the cloud computing domain. Over the past years, several cloud identity management-models for managing identification and authentication in the cloud domain have emerged. In this paper, we survey existing cloud identity management-models and compare and evaluate them based on selected criteria, e.g., on practicability or privacy aspects.

Notes

  1. Different approaches exist; hence identity data can be either pushed to or pulled from the service provider.

  2. http://www.jasig.org/cas.

  3. http://msdn.microsoft.com/en-us/library/vstudio/ms733090%28vvs.90%29.aspx.

  4. It is not necessary that the common identifier is shared. Different identifiers mapping to the same user are also possible [6].

  5. http://saml.xml.org.

  6. http://shibboleth.net.

  7. http://openid.net.

  8. http://oauth.net.

  9. https://developers.google.com/accounts.

  10. https://developers.facebook.com/docs/facebook-login.

  11. http://www.mcafee.com/us/products/cloud-single-sign-on.aspx.

  12. http://www.skidentity.com.

  13. http://fugensolutions.com/cloud-id-broker.html.

  14. A similar approach has been introduced by [27].

  15. A semi-trusted identity provider is an identity provider that works correctly but may be interested in inspecting private data. In other words, the identity provider is honest but curious.

  16. By using proxy re-encryption, a semi-trusted proxy can alter a ciphertext that has been encrypted for person A in such a way that it can be decrypted by person B. The proxy thereby gains no access to the plaintext of the data.

  17. For generating a re-encryption key, the organization requires its private key and the public key of the service provider.

  18. Secure Identity Across Borders Linked, https://www.eid-stork.eu/.

References

  1. Bauer, M., Meints, M., Hansen, M.: D3.1: Structured Overview on Prototypes and Concepts of Identity Management System. FIDIS (2005)

  2. Pearson, S., Benameur, A.: Privacy, security and trust issues arising from cloud computing. In: IEEE CloudCom 2010, pp. 693–702 (2010)

  3. Zissis, D., Lekkas, D.: Addressing cloud computing security issues. Future Gener. Comput. Syst. 28, 583–592 (2012)

  4. Sen, J.: Security and privacy issues in cloud computing. In: Martínez, A.R., Marin-Lopez, R., Pereniguez-Garcia, F. (eds.) Architectures and Protocols for Secure Information Technology Infrastructures, pp. 1–45. IGI Global (2013)

  5. Bertino, E., Takahashi, K.: Identity Management: Concepts, Technologies, and Systems. Artech House, Boston (2011)

  6. Cao, Y., Yang, L.: A survey of identity management technology. In: IEEE ICITIS 2010, pp. 287–293. IEEE (2010)

  7. Dabrowski, M., Pacyna, P.: Generic and complete three-level identity management model. In: SECURWARE 2008, pp. 232–237. IEEE (2008)

  8. Dabrowski, M., Pacyna, P.: Overview of Identity Management. Technical report (2008). www.chinacommunications.cn

  9. Jøsang, A., Fabre, J., Hay, B., Dalziel, J., Pope, S.: Trust requirements in identity management. In: Proceedings of the 2005 Australasian Workshop on Grid Computing and e-Research, pp. 99–108 (2005)

  10. Jøsang, A., Pope, S.: User centric identity management. In: AusCERT 2005 (2005)

  11. Jøsang, A., Zomai, M.A., Suriadi, S.: Usability and privacy in identity management architectures. In: ACSW 2007, pp. 143–152 (2007)

  12. Palfrey, J., Gasser, U.: CASE STUDY: Digital Identity Interoperability and eInnovation. Berkman Publication Series (2007)

  13. Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication Service (V5). RFC 4120 (Proposed Standard) (2005)

  14. Leitold, H., Hollosi, A., Posch, R.: Security architecture of the Austrian citizen card concept. In: ACSAC 2002, pp. 391–400 (2002)

  15. Fromm, J., Hoepner, P.: The new German eID card. In: Fumy, W., Paeschke, M. (eds.) Handbook of eID Security, pp. 154–166. Publicis Publishing (2011)

  16. Kaler, C., McIntosh, M.: Web Services Federation Language (WS-Federation) Version 1.2. OASIS Standard (2009)

  17. Armbrust, M., Fox, A., Griffith, R., Joseph, A.D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., Zaharia, M.: Above the Clouds: A Berkeley View of Cloud Computing. Technical report, RAD Lab (2009)

  18. Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing V3.0. CSA (2011)

  19. Cox, P.: How to Manage Identity in the Public Cloud. InformationWeek reports (2012)

  20. Gopalakrishnan, A.: Cloud computing identity management. SETLabs Brief. 7, 45–55 (2009)

  21. Goulding, J.T.: Identity and Access Management for the Cloud: CA’s strategy and vision. Technical Report May, CA Technologies (2010)

  22. Zwattendorfer, B., Stranacher, K., Tauber, A.: Towards a federated identity as a service model. In: Egovis 2013, pp. 43–57 (2013)

  23. Ates, M., Ravet, S., Ahmat, A.M., Fayolle, J.: An identity-centric internet: identity in the cloud, identity as a service and other delights. In: ARES 2011, pp. 555–560 (2011)

  24. Huang, H.Y., Wang, B., Liu, X.X., Xu, J.M.: Identity federation broker for service cloud. In: ICSS 2010, pp. 115–120 (2010)

  25. Nuñez, D., Agudo, I., Lopez, J.: Leveraging privacy in identity management as a service through proxy re-encryption. In: Zimmermann, W. (ed.) Proceedings of the PhD Symposium at the 2nd European Conference on Service-Oriented and Cloud Computing, pp. 42–47 (2013)

  26. Nuñez, D., Agudo, I.: BlindIdM: a privacy-preserving approach for identity management as a service. Int. J. Inf. Secur. 13, 199–215 (2014)

  27. Zwattendorfer, B., Slamanig, D.: On privacy-preserving ways to porting the Austrian eID system to the public cloud. In: Janczewski, L.J., Wolfe, H.B., Shenoi, S. (eds.) SEC 2013. IFIP AICT, vol. 405, pp. 300–314. Springer, Heidelberg (2013)

  28. Green, M., Ateniese, G.: Identity-based proxy re-encryption. In: Katz, J., Yung, M. (eds.) ACNS 2007. LNCS, vol. 4521, pp. 288–306. Springer, Heidelberg (2007)

  29. Ateniese, G., Fu, K., Green, M., Hohenberger, S.: Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur. 9, 1–30 (2006)

  30. Nuñez, D., Agudo, I., Lopez, J.: Integrating OpenID with proxy re-encryption to enhance privacy in cloud-based identity services. In: IEEE CloudCom 2012, pp. 241–248 (2012)

  31. Zwattendorfer, B.: Towards a Privacy-Preserving Federated Identity as a Service Model. PhD Thesis, Graz University of Technology (2014)

  32. Zwattendorfer, B., Slamanig, D.: Privacy-preserving realization of the STORK framework in the public cloud. In: SECRYPT 2013, pp. 419–426 (2013)

  33. Birrell, E., Schneider, F.: Federated identity management systems: a privacy-based characterization. IEEE Secur. Priv. 11, 36–48 (2013)

  34. Linn, J., Boeyen, S., Ellison, G., Karhuluoma, N., Macgregor, W., Madsen, P., Sengodan, S., Shinkar, S., Thompson, P.: Trust Models Guidelines. Technical report, OASIS (2004)

Author information

Correspondence to Bernd Zwattendorfer.

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Zwattendorfer, B., Zefferer, T., Stranacher, K. (2015). A Comparative Survey of Cloud Identity Management-Models. In: Monfort, V., Krempels, KH. (eds) Web Information Systems and Technologies. WEBIST 2014. Lecture Notes in Business Information Processing, vol 226. Springer, Cham. https://doi.org/10.1007/978-3-319-27030-2_9

  • DOI: https://doi.org/10.1007/978-3-319-27030-2_9

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-27029-6

  • Online ISBN: 978-3-319-27030-2

  • eBook Packages: Computer Science, Computer Science (R0)
