Consolidated Identity Management System for secure mobile cloud computing

Computer Networks

Volumn 65, Issue , 2014, Pages 99-110

  Khalil, Issa ^a   Khreishah, Abdallah ^b   Azeem, Muhammad ^c  

^a QATAR COMPUTING RESEARCH INSTITUTE   (Qatar)

^b NEW JERSEY INSTITUTE OF TECHNOLOGY   (United States)

^c UNITED ARAB EMIRATES UNIVERSITY   (United Arab Emirates)

Author keywords

Cloud computing security; Identity Management Systems; Mobile clients; Privacy; Security attacks

Indexed keywords

DATA PRIVACY; DISTRIBUTED DATABASE SYSTEMS; EXPERIMENTS; MOBILE CLOUD COMPUTING; MOBILE DEVICES; MOBILE TELECOMMUNICATION SYSTEMS; NATURAL LANGUAGE PROCESSING SYSTEMS; SURVEYS;

AUTHENTICATION AND AUTHORIZATION; CLOUD COMPUTING SECURITIES; CLOUD SERVICE PROVIDERS; COMMUNICATION OVERHEADS; IDENTITY MANAGEMENT SYSTEMS; MOBILE CLIENT; SECURITY ATTACKS; SERVER COMPROMISE;

AUTHENTICATION;

EID: 84897983792     PISSN: 13891286     EISSN: None     Source Type: Journal    
DOI: 10.1016/j.comnet.2014.03.015     Document Type: Article

References (40)

1. R.H. Weber, and A. Darbellay Legal issues in mobile banking J. Bank. Regul. 11 2 2010 129 145
2. L.A. Martucci, A. Zuccato, B. Smeets, S.M. Habib, T. Johansson, N. Shahmehri, Privacy, security and trust in cloud computing: the perspective of the telecommunication industry, in: The 9th International Conference on Ubiquitous Intelligence Computing and the 9th International Conference on Autonomic Trusted Computing (UIC/ATC), 2012, pp. 627-632.
3. B. Markelj, and I. Bernik To use or not to use mobile devices J. Internet Technol. Secured Trans. (JITST) 1 1/2 2012 < http://www.infonomics-society. org/JITST/ToUseorNottoUseMobileDevices.pdf >
4. I. Khalil, A. Khreishah, S. Bouktif, A. Ahmad, Security concerns in cloud computing, in: Proceedings of the 10th International Conference on Information Technology: New Generations, Las Vegas, Nevada, USA, April 15-17, 2013.
5. http://www.digitalbuzzblog.com/infographic-2013-mobile-growth-statistics/ (accessed 10.01.14).
6. I. Berni, B. Markelj, Blended threats to mobile devices on the rise, in: The International Conference on Information Society (i-Society), 2012, pp. 59-64.
7. M. La Polla, F. Martinelli, and D. Sgandurra A survey on security for mobile devices IEEE Commun. Surv. Tutorials 15 1 2013 (First Quarter)
8. http://www.abiresearch.com/research/product/1012083-mobile-device- security (accessed 10.01.14).
9. M. Bishop Computer Security: Art and Science 2002 Addison-Wesley Professional Reading, MA
10. M. Leandro, T. Nascimento, D. Santos, M. Westphall, C. Westphall, Multi-tenancy authorization system with federated identity for cloud-based environments using shibboleth, in: The Eleventh International Conference on Network (ICN), 2012, pp. 88-93.
11. D. Hardt, The OAuth 2.0 Authorization Framework, Ed. Microsoft. July 31, 2012. < http://tools.ietf.org/html/draft-ietf-oauth-v2-31 > (accessed 10.01.14).
12. http://openid.net/specs/openid-authentication-2-0.html (accessed 10.01.14).
13. https://www.sans.org/reading-room/whitepapers/application/ attacks-oauth-secure-oauth-implementation-33644 (accessed 10.01.14).
14. http://thenextweb.com/socialmedia/2010/07/17/oauth-and-openid- authentication-vulnerable-to-timing-attack/#!q0tFt (accessed 10.01.14).
15. R. Wang, S. Chen, X. Wang, Signing me onto your accounts through Facebook and Google: a traffic-guided security study of commercially deployed single-sign-on web services, in: The Proceedings of the IEEE Symposium on Security and Privacy, USA, 2012, pp. 365-379.
16. OpenID Still Open To Abuse. < http://www.computing.co.uk/ctg/opinion/ 1824215/openid-abuse > (accessed 10.01.14).
17. http://lists.danga.com/pipermail/yadis/2005-June/000472.html (accessed 10.01.14).
18. S. Xiao, W. Gong, Mobility can help: protect user identity with dynamic credential, in: The Eleventh International Conference on Mobile Data Management (MDM), 2010, pp. 378-380.
19. P. Angin, B. Bhargava, R. Ranchal, N. Singh, M. Linderman, L.B. Othmane, L. Lilien, An entity-centric approach for privacy and identity management in cloud computing, in: The 29th IEEE Symposium on Reliable Distributed Systems, 2010, pp. 177-183.
20. R. Guerrero, P. Cabarcos, F. Mendoza, D. Diaz-Sanchez, Trust-aware federated IdM in consumer cloud computing, in: The Proceedings of the IEEE International Conference on Consumer Electronics (ICCE), 2012, pp. 53-54.
21. M. Stihler, A. Santin, A. Marcon, J. Fraga, Integral federated identity management for cloud computing, in: The 5th International Conference on New Technologies, Mobility and Security (NTMS), 2012, pp. 1-5.
22. P. Zhang, H. Sun, Z. Yan, Building up trusted identity management in mobile heterogeneous environment, in: 10th IEEE International Conference on Trust, Security and Privacy in Computing and Communications (TrustCom), 2011, pp. 873-877.
23. https://blogs.rsa.com/anatomy-of-an-attack/ (accessed 10.01.14).
24. www.lastpass.com/adobe (accessed 10.01.14).
25. I. Khalil, A. Khreishah, and M. Azeem Cloud computing security: a survey Comput. (MDPI J.) 3 1 2014 1 35 10.3390/computers3010001
26. http://www.gtcybersecuritysummit.com/2014Report.pdf (accessed 10.01.14).
27. http://www.newscenter.gatech.edu/2013/11/06/georgia-tech-warns-threats- cloud-data-storage-mobile-devices-latest-%E2%80%98emerging-cyber (accessed 10.01.14).
28. http://resources.infosecinstitute.com/android-master-key-vulnerability- poc/ (accessed 10.01.14).
29. https://sites.google.com/site/openidreview/issues (accessed 10.01.14).
30. T. Han, N. Zhang, K. Liu, B. Tang, Y. Liu, Analysis of mobile WiMAX security: vulnerabilities and solutions, in: IEEE International Conference on Mobile Ad Hoc and Sensor Systems (MASS), Atlanta, Georgia, 2008, pp. 828-833.
31. I. Khalil ELMO: energy aware local monitoring in sensor networks IEEE Trans. Dependable Secure Comput. 8 4 2011 523 536
32. I. Khalil, MCC: mitigating colluding collision attacks in wireless sensor networks, in: Proceedings of the IEEE Global Communications Conference (IEEE GLOBECOM'10), Miami, Florida, USA, December 6-10, 2010, pp. 1-5.
33. I. Khalil, MPC: mitigating stealthy power control attacks in wireless ad hoc networks, in: Proceedings of the IEEE Global Communications Conference (IEEE GLOBECOM'09), Honolulu, Hawaii, USA, November 30-December 4, 2009, pp. 1-6.
34. I. Dacosta, S. Chakradeo, M. Ahamad, and P. Traynor One-time cookies: preventing session hijacking attacks with stateless authentication tokens ACM Trans. Internet Technol. 12 1 2012 1:1 1:24
35. http://www.ieee-globecom.org/2012/private/T10F.pdf (accessed 10.01.14).
36. http://www.oracle.com/technetwork/java/javase/overview/index.html (accessed 10.01.14).
37. R. Sanchez, F. Almenares, P. Arias, D. Diaz-Sanchez, and A. Marin Enhancing privacy and dynamic federation in IdM for consumer cloud computing IEEE Trans. Consum. Electron. 58 1 2012 95 103
38. I. Hababeh, I. Khalil, and A. Khreishah Designing high performance web-based computing services to promote telemedicine database management system IEEE Trans. Serv. Comput. 2 2014 10.1109/TSC.2014.2300499
39. J. Shi, M. Taifi, A. Khreishah, J. Wu, Sustainable GPU computing at scale, in: 14th IEEE International Conference in Computational Science and Engineering, 2011, pp. 263-272.
40. J.Y. Shi, M. Taifi, A. Khreishah, Resource planning for parallel processing in the cloud, in: 2011 IEEE International Conference on High Performance Computing and Communications.