Preserving Privacy in Cloud Identity Management Systems Using DCM (Dual Certificate Management)

Full Text (PDF, 530KB), PP.54-65

Views: 0 Downloads: 0

Author(s)

Kamyab Khajehei 1,*

1. Department of Computer, Islamic Azad University - Dashtestan Branch, Borazjan, Iran.

* Corresponding author.

DOI: https://doi.org/10.5815/ijwmt.2018.04.04

Received: 30 Mar. 2018 / Revised: 17 May 2018 / Accepted: 4 Jun. 2018 / Published: 8 Jul. 2018

Index Terms

Cloud Computing, Identity Management, Cloud Computing Security, Cloud Computing Privacy, Internet of Things (IoT)

Abstract

In these days all businesses trying to use global applications on cloud computing infrastructure to reduce their costs and also decentralize their application. This movement also causes more security risks over the unbounded cloud environment. Therefore, accessing enterprise information for an unwanted user will be more than other environments.
Thus, the proposed Identity Management System (IDMS) tries to preserve security in communication between clients and server over cloud computing. The proposed method suggested token based Identity Management and also enhanced privacy by adding one. Dual Certificate Manager (DCM) block is a replacement for a combination of symmetric and asymmetric cryptography, which is commonly used for SSL/TLS protocol to immune data transmission, uses asymmetric cryptography in both participants.
Furthermore, for more privacy and invulnerability DCM uses Elliptic Curve Cryptography (ECC) as asymmetric cryptography algorithm.

Cite This Paper

Kamyab Khajehei, " Preserving Privacy in Cloud Identity Management Systems Using DCM (Dual Certificate Management)", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.8, No.4, pp. 54-65, 2018. DOI: 10.5815/ijwmt.2018.04.04

Reference

[1]PankajDeep Kaur, Awal Adesh Monga,"Managing Big Data: A Step towards Huge Data Security", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.6, No.2, pp.10-20, 2016. 

[2]M Ali & S.U. Khan & A.V. Vasilakos, “Security in cloud computing: Opportunities and challenges” Information Sciences, No. 305, 2015, p. 357-383.

[3]K.Khajehei, “Secure Communication in Cloud by Using ECC Algorithm”, International Journal of Engineering Research and Technology, Vol. 3, No, 1, 2014.

[4]N. F. M. Kubach, "Identity Management and Cloud Computing in the Automotive Industry: First Empirical Results from a Quantitative Survey", In Gesellschaft für Informatik eV (GI) publishes this series in order to make available to a broad public recent findings in informatics (ie computer science and information systems), to document conferences that are organized in co-operation with GI and to publish the annual GI Award dissertation, 2015.

[5]K. Gunjan & G. Sahoo & R.K. Tiwari, “Identity Management in Cloud Computing –A Review”, International Journal of Engineering Research & Technology, Vol. 1, No 4, 2012.

[6]E. McCallister & T. Grance & K. A. Kent, “Guide to protecting the confidentiality of personally identifiable information”, US Department of Commerce, National Institute of Standards and Technology, Diane Publishing, 2010.

[7]R. Gellman, “Fair information practices: A basic history”, Available at SSRN 2415020, 2015.

[8]Ritu, Sukhchandan Randhawa, Sushma Jain,"Trust Models in Cloud Computing: A Review", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.7, No.4, pp.14-27, 2017.

[9]A. Benusi, “An Identity Management Survey on Cloud Computing”, International Journal of Computing and Optimization, Vol. 1, No. 2, 2014,  p. 63-71.

[10]P. Angin & B. Bhargava & R. Ranchal & N. Singh & M. Linderman & L.B. Othmane & L. Lilien, “An entity-centric approach for privacy and identity management in cloud computing”, Reliable Distributed Systems, 29th IEEE Symposium, 2010, p. 177-183.

[11]T.A. Johansen & I. Jorstad & D. Van Thanh, "Identity management in mobile ubiquitous environments", The Third International Conference on Internet Monitoring and Protection, 2008, p. 178-183.

[12]A. Gopalakrishnan, “Cloud Computing Identity Management”, SETLabs Briefings, Vol. 7, No. 7, 2009, p. 45-55.

[13]Pieczul, O. S., McGloin, M. A., Zurko, M. E., Kern, D. S., & Hepburn, B. A. U.S. Patent No. 9,699,168. Washington, DC: U.S. Patent and Trademark Office. 2017.

[14]D. Nuñez & I. Agudo & J. Lopez, “Privacy-Preserving Identity Management as a Service”, Accountability and Security in the Cloud, 2015, p. 114-125.

[15]Wetter, A. E., Frei, A., Tsang, P. M., & Rouskov, Y. U.S. Patent No. 9,699,180. Washington, DC: U.S. Patent and Trademark Office. 2017.

[16]S. Ferdous & R. Poet, “Managing dynamic identity federations using security assertion markup”, Journal of theoretical and applied electronic commerce research, Vol. 10, No. 2, 2015, p. 53-76.

[17]C. Wise & C. Friedrich & S. Nepal & S. Chen & R. O. Sinnott, “Cloud Docs: Secure Scalable Document Sharing on Public Clouds”, IEEE 8th International Conference on Cloud Computing, 2015, p. 532-539.

[18]Naik, N., & Jenkins, P. Securing digital identities in the cloud by selecting an apposite Federated Identity Management from SAML, OAuth and OpenID Connect. In Research Challenges in Information Science (RCIS), 2017 11th International Conference on IEEE. May, 2017. p. 163-174.

[19]M. Jones & J. Bradley & N. Sakimura, "JSON web token (jwt)", No. RFC 7519. 2015. 

[20]P Thanapal, K Marimuthu, S Rajkumar, R Niranchana," Smarter Way to Access Multiple Mobile Cloud Applications without Interoperability Issues", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.7, No.5, pp. 32-39, 2017.

[21]J. Li & J. Li & X. Chen & C. Jia & Wenjing Lou, "Identity-based encryption with outsourced revocation in cloud computing", Ieee Transactions on Computers, Vol. 64, No. 2, 2015, p. 425-437.

[22]Kim, S. M., Han, J., Ha, J., Kim, T., & Han, D. Enhancing Security and Privacy of Tor's Ecosystem by Using Trusted Execution Environments. In NSDI. March 2017. p. 145-161.

[23]Tania Gaur, Divya sharma,"A Secure and Efficient Client-Side Encryption Scheme in Cloud Computing", International Journal of Wireless and Microwave Technologies(IJWMT), Vol.6, No.1, pp.23-33, 2016.

[24]U. Habiba1 & R. Masood & M. A. Shibli & Muaz A Niazi, “Cloud identity management security issues & solutions: a taxonomy”, Vol. 2, No. 1, 2014,  p. 1.

[25]K. Ashanpreet & R. Singh, "Identity Management in Cloud Computing: Issues, Incidents and Solutions", International Journal of Scientific & Engineering Research, Vol. 6, No. 3, 2015, p. 999-1004.

[26]W. A. Alrodhan & Chris J. Mitchell, “Enhancing user authentication in claim-based identity management”, In CTS, 2010, p. 75-83.

[27]C. Yuan & L. Yang, “A survey of identity management technology”, Information Theory and Information Security, 2010 IEEE international conference, 2010, p. 287-293.

[28]A. Černezel & M. Heričko, “A user-centric approach for developing mobile applications”, 7th International Conference on Knowledge Management in Organizations: Service and Cloud Computing, 2013, p. 455-465.

[29]A. M. Lonea & H. Tianfield & D. E. Popescu, “Identity management for cloud computing”, New concepts and applications in soft computing, 2013, p. 175-199.

[30]X. Yang & L. Liu, “Principles, Methodologies, and Service-Oriented Approaches for Cloud Computing”, IGI Global, 2013, p. 172-173.

[31]H. Y. Huang & B. Wang & X. X. Liu & J. M. Xu, “Identity federation broker for service cloud”, Proceedings of the 2010 International Conference on Service Sciences, ICSS '10, Washington, DC, USA, 2010, p. 115-120.

[32]S. Dowell & A. Barreto & J. B. Michael & M. T. Shing, “Cloud to cloud interoperability”, System of Systems Engineering (SoSE), 6th International Conference, 2011, p. 258-263.

[33]A. Celesti & F. Tusa & M. Villari & A. Puliafito, “Security and cloud computing: Intercloud identity management infrastructure”, Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE), 19th IEEE International Workshop on, 2010, p. 263-265.

[34]P. Angin & B. Bhargava & R. Ranchal & N. Singh & M. Linderman & L.B. Othmane & L. Lilien, “An entity-centric approach for privacy and identity management in cloud computing”, Reliable Distributed Systems, 29th IEEE Symposium, 2010, p. 177-183.