Abstract
Federated Identity Management (FIM) systems are well-known for achieving reliable and effective collaboration among various organizations. Despite numerous benefits, these systems have certain critical weaknesses, such as a lack of security and privacy when disseminating identity credentials (Personally Identifiable Information (PII)) across multiple federated Cloud environments. In addition, FIM systems have limitations in terms of interoperability and lack compliance with international standards, since most of them rely on proprietary protocols for the exchange of identity information. In this regard, we propose a secure identity management system for federated Cloud environments that not only ensures the secure management of identity credentials but also preserves the privacy of Cloud Service Consumers (CSC). Furthermore, the implementation of the proposed system uses state-of-the-art international standards (SCIM, SAML, REST and XACML) to ensure secure, quick and easy sharing and management of identity credentials into, out of and around the Cloud. We have also performed a rigorous evaluation of the proposed system using standard evaluation tools such as Scyther and JUnit. The results of our evaluation certify that the presented work ensures the desired features and level of security expected from a secure identity management system for a federated Cloud environment.
Copyright information
© 2015 Springer International Publishing Switzerland
About this chapter
Cite this chapter
Habiba, U., Masood, R., Shibli, M.A. (2015). Secure Identity Management System for Federated Cloud Environment. In: Lee, R. (eds) Software Engineering, Artificial Intelligence, Networking and Parallel/Distributed Computing. Studies in Computational Intelligence, vol 569. Springer, Cham. https://doi.org/10.1007/978-3-319-10389-1_2
DOI: https://doi.org/10.1007/978-3-319-10389-1_2
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-10388-4
Online ISBN: 978-3-319-10389-1
eBook Packages: Engineering, Engineering (R0)