Cloud identity management security issues & solutions: a taxonomy

Complex Adaptive Systems Modeling

Volumn 2, Issue 1, 2014, Pages

  Habiba, Umme ^a   Masood, Rahat ^a   Shibli, Muhammad Awais ^a   Niazi, Muaz A ^b  

^a NATIONAL UNIVERSITY OF SCIENCES AND TECHNOLOGY NUST   (Pakistan)

^b Department of Electrical Computer Engineering   (Pakistan)

Author keywords

Assessment criteria; Cloud computing security; Identity management; IDMS taxonomy

Indexed keywords

EID: 85022029828     PISSN: None     EISSN: 21943206     Source Type: Journal    
DOI: 10.1186/s40294-014-0005-9     Document Type: Article

References (81)

1. Albeshri A, Caelli W: Mutual protection in a cloud computing environment. In High Performance Computing and Communications (HPCC), 2010 12th IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:641–646
2. Almorsy, M, Grundy J, Müller I: An analysis of the cloud computing security problem. In Proceedings of APSEC 2010 Cloud Workshop. Sydney, Australia; 2010
3. Alrodhan WA, Mitchell CJ: Enhancing user authentication in claim-based identity management. In Collaborative Technologies and Systems (CTS), 2010 International Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:75–83
4. Angin P, Bhargava B, Ranchal R, Singh N, Linderman M, Othmane LB, Lilien L: An entity-centric approach for privacy and identity management in cloud computing. In Reliable Distributed Systems, 2010 29th IEEE Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:177–183
5. Arias-Cabarcos P, Almenárez-Mendoza F, Marín-López A, Díaz-Sánchez D, Sánchez-Guerrero R: A metric-based approach to assess risk for “on cloud” federated identity management. J Netw Syst Manag 2012, 20: 513–533. Springer, 2012 Springer, 2012 10.1007/s10922-012-9244-2
6. Ates M, Ravet S, Ahmat AM, Fayolle J: An identity-centric internet: identity in the cloud, identity as a service and other delights. In 2012 Seventh International Conference on Availability, Reliability and Security. IEEE, Piscataway, New Jersey, United States; 2011:555–560
7. Bertino, E, Takahashi K: IdentityManagement: Concepts, Technologies, and Systems: ARTECH HOUSE, 16 Sussex Street, London SW1V 4RW UK; 2010
8. Bhadauria, R, Chaki R, Chaki N, Sanyal S: A survey on security issues in cloud computing 2011. arXiv preprint arXiv:1109.5388
9. Bhargav-Spantzel A, Camenisch J, Gross T, Sommer D: User centricity: a taxonomy and open issues. J Comput Secur 2007, 15: 493–527. IOS Press, 2007
10. Brute Force Attack. OWASP Testing Guide2013. [Online accessed September-2013]., [https://www.owasp.org/index.php/Brute_force_attack]
11. CA Technologies Inc.: CA Technologies Predicts Key Trends for Identity and Access Management in 20142014. Online accessed April-2013., [http://www.ca.com/us/news/press-releases/na/2014/ca-technologies-predicts-key-trends-for-identity-and-access-management-in-2014.aspx]
12. Cameron, K: The laws of identity: Microsoft Corp.; 2005
13. Cao, Y, Yang L: A survey of identity management technology. In IEEE International Conference on Information Theory and Information Security (ICITIS): IEEE; 2010:287–293
14. Celesti A, Tusa F, Villari M, Puliafito A: Security and cloud computing: intercloud identity management infrastructure. In Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE), 2010 19th IEEE International Workshop on. IEEE, Piscataway, New Jersey, United States; 2010:263–265
15. Chadwick DW, Casenove M: Security APIs for my private cloud-granting access to anyone, from anywhere at any time. In Cloud Computing Technology and Science (CloudCom), 2011 IEEE Third International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:792–798
16. Chang C-C: Some forgery attacks on a remote user authentication scheme using smart cards. Informatica 2003, 14: 289–294. IOS Press, 2003 IOS Press, 2003
17. Chen D, Zhao H: Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:647–651
18. Chen J, Wu X, Zhang S, Zhang W, Niu Y: A decentralized approach for implementing identity management in cloud computing. In Cloud and Green Computing (CGC), 2012 Second International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:770–776
19. Chowdhury MM, Noll J: Distributed identity for secure service interaction. In Wireless and Mobile Communications, 2007. ICWMC’07. Third International Conference on. IEEE, Piscataway, New Jersey, United States; 2007:56–56
20. Choudhury AJ, Kumar P, Sain M, Lim H, Jae-Lee H: A strong user authentication framework for cloud computing. In Services Computing Conference (APSCC), 2011 IEEE Asia-Pacific. IEEE, Piscataway, New Jersey, United States; 2011:110–115
21. Cloud Security Alliance: Cloud Security Alliance SecaaS Guidance, Category 1: Identity and Access Management, 2012 by Cloud Security Alliance. [Online accessed: November 2013], 2011., [https://cloudsecurityalliance.org/download/secaas-category-1-identity-and-access-management-implementation-guidance/]
22. Conrado C, Kamperman F, Schrijen GJ, Jonker W: Privacy in an identity-based DRM system. In the Proceedings of Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on. IEEE, Piscataway, New Jersey, United States; 2003:389–395
23. Dhamija R, Dusseault L: The seven flaws of identity management: usability and security challenges. IEEE Secur Privacy 2008, 6: 24–29. IEEE, 2008 IEEE, 2008 10.1109/MSP.2008.49
24. Donevski A, Ristov S, Gusev M: Security assessment of virtual machines in open source clouds. In Information & Communication Technology Electronics & Microelectronics (MIPRO), 2013 36th International Convention on. IEEE, Piscataway, New Jersey, United States; 2013:1094–1099
25. Eucalyptus Systems, Inc.: Eucalyptus Identity and Access Management (IAM)2012., [Online accessed August-2014]., [https://www.eucalyptus.com/docs/eucalyptus/4.0/security-guide/security_bp_access.html]
26. Feng J, Chen Y, Ku WS, Liu P: Analysis of integrity vulnerabilities and a non-repudiation protocol for cloud data storage platforms. In Parallel Processing Workshops (ICPPW), 2010 39th International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:251–258
27. Ferdous MS, Poet R: A comparative analysis of identity management systems. In High Performance Computing and Simulation (HPCS) 2012 International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:454–461
28. Fox A, Griffith R, Joseph A, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I: Above the Clouds: a Berkeley View of Cloud Computing. Dept. Electrical Eng. and Comput. Sciences, University of California, Berkeley; 2009
29. Gopalakrishnan A: Cloud computing identity management. SETLabs Briefings 2009, 7: 45–54
30. Gunjan K, Sahoo G, Tiwari RK: Identity management in cloud computing-a review. In International Journal of Engineering Research and Technology (Vol. 1, No. 4 (June-2012)). ESRSA Publications, Kudasan, Gandhinagar, Gujarat, India; 2012
31. Halpert B: Auditing Cloud Computing: a Security and Privacy Guide (Vol. 21). John Wiley & Sons, Hoboken, New Jersey, USA; 2011
32. Hoellrigl T, Kühner H, Dinger J, Hartenstein H: User-controlled automated identity delegation. In Network and Service Management (CNSM), 2010 International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:230–233
33. Jansen WA: Cloud hooks: Security and privacy issues in cloud computing. In System Sciences (HICSS), 2011 44th Hawaii International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:1–10
34. Jansen, W, Grance T: Guidelines on Security and Privacy in Public Cloud Computing: NIST special publication, 800, 144, NIST; 2011
35. Jensen M, Schwenk J, Gruschka N, Iacono LL: On technical security issues in cloud computing. In Cloud Computing, 2009. CLOUD’09. IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2009:109–116
36. Jøsang, A, Fabre J, Hay B, Dalziel J, Pope S: Trust requirements in identity management. In Proceedings of the 2005 Australasian workshop on Grid computing and e-research-Volume 44: Australian Computer Society, Inc.; 2005:99–108
37. Kim IK, Pervez Z, Khattak AM, Lee S: Chord based identity management for e-Healthcare cloud applications. In Applications and the Internet (SAINT), 2010 10th IEEE/IPSJ International Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:391–394
38. Kumar, R, Gupta N, Charu S, Jain K, Jangir SK: Open Source Solution for Cloud Computing Platform Using OpenStack; 2014
39. Kumaraswamy, S, Lakshminarayanan S, Reiter M, Stein J, Wilson Y: Domain 12: Guidance for Identity & Access Management V2. 1. Cloud Security Alliance2010., [https://cloudsecurityalliance.org/guidance/csaguide-dom12-v2.10.pdf]
40. Lang U: Openpmf scaas: authorization as a service for cloud & soa applications. In Cloud Computing Technology and Science (CloudCom) 2010 IEEE Second International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:634–643
41. Leandro, MA, Nascimento TJ, dos Santos DR, Westphall CM, Westphall CB: Multi-tenancy authorization system with federated identity for cloud-based environments using shibboleth. In ICN 2012, The Eleventh International Conference on Networks; 2012:88–93
42. Leskinen J: Evaluation criteria for future identity management. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:801–806
43. Li M, Yu S, Ren K, Lou W: Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In Security and Privacy in Communication Networks. Springer, Berlin, Heidelberg; 2010:89–106
44. Luo S, Hu J, Chen Z: An identity-based one-time password scheme with anonymous authentication. In Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC’09. International Conference on. IEEE, Piscataway, New Jersey, United States; 2009:864–867
45. Mahmood Z: “Data location and security issues in cloud computing”. In Emerging Intelligent Data and Web Technologies (EIDWT), 2011 International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:49–54
46. Mather T, Kumaraswamy S, Latif S: Cloud security and privacy: an enterprise perspective on risks and compliance. O’Reilly Media, Inc., Sebastopol, CA, USA; 2009
47. McCallister E: Guide to Protecting the Confidentiality of Personally Identifiable Information. Diane Publishing, Collingdale, PA, United States; 2010
48. Maler, E, Mishra P, Philpott R: Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML)2003. Online accessed January-2013., [https://www.oasis-open.org/committees/download.php/3406/oasis-sstc-saml-core-1.1.pdf]
49. Meier, JD, Farre C, Taylor J, Bansode P, Gregersen S, Sundararajan M, Boucher R: Improving Web Services Security: Scenarios and Implementation Guidance for WCF: Microsoft Developer Network; 2009
50. Nabeel M, Bertino E, Kantarcioglu M, Thuraisingham B: Towards privacy preserving access control in the cloud. In Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2011 7th International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:172–180
51. O’Gorman L: Comparing passwords, tokens, and biometrics for user authentication. In Proceedings of the IEEE. IEEE, Piscataway, New Jersey, United States; 2003:2021–2040
52. Olden E: Architecting a cloud-scale identity fabric. Computer 2011, 44: 52–59. IEEE, 2011 IEEE, 2011 10.1109/MC.2011.60
53. Pashalidis A, Mitchell CJ: A taxonomy of single sign-on systems. In Information Security and Privacy. Springer, Berlin, Heidelberg; 2003:249–264
54. Pearson S, Benameur A: Privacy, security and trust issues arising from cloud computing. In Cloud Computing Technology and Science (CloudCom) 2010 IEEE Second International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:693–702
55. Ranchal R, Bhargava B, Othmane LB, Lilien L, Kim A, Kang M, Linderman M: Protection of identity information in cloud computing without trusted third party. In Reliable Distributed Systems, 2010 29th IEEE Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:368–372
56. Ratha NK, Connell JH, Bolle RM: Enhancing security and privacy in biometrics-based authentication systems. IBM Syst J 2001, 40: 614–634. IBM, 2001 IBM, 2001 10.1147/sj.403.0614
57. Rhoton, J: Discover OpenStack: the identity component keystone2013. Online accessed August 2014., [http://www.ibm.com/developerworks/cloud/library/cl-openstack-keystone/index.html?ca=dat-]
58. Rimal BP, Choi E, Lumb I: A taxonomy and survey of cloud computing systems. In INC, IMS and IDC, 2009. NCM’09. Fifth International Joint Conference on. IEEE, Piscataway, New Jersey, United States; 2009:44–51
59. Rose, J, Rehse O, Rober B: The value of our digital identity: The Boston Consulting Group; 2011., Online accessed March-2013., [http://www.libertyglobal.com/PDF/public-policy/The-Value-of-Our-Digital-Identity.pdf]
60. Sanchez R, Almenares F, Arias P, Diaz-Sanchez D, Marín A: Enhancing privacy and dynamic federation in IdM for consumer cloud computing. IEEE Trans Consum Electron 2012, 58: 95–103. IEEE, 2012 IEEE, 2012 10.1109/TCE.2012.6170060
61. Salsano S, Veltri L, Papalilo D: SIP security issues: the SIP authentication procedure and its processing load. Network 2002, 16: 38–44. IEEE, 2002 IEEE, 2002
62. Saripalli P, Walters B: Quirc: A quantitative impact and risk assessment framework for cloud security. In Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:280–288
63. Saroiu, S, Wolman A: Enabling new mobile applications with location proofs. In Proceedings of the 10th workshop on Mobile Computing Systems and Applications: ACM; 2009:3
64. Senk C, Dotzler F: Biometric Authentication as a service for enterprise identity management deployment: a data protection perspective. In Availability, Reliability and Security (ARES), 2011 Sixth International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:43–50
65. Shin D, Lopes R, Claycomb W: Authenticated dictionary-based attribute sharing in federated identity management. In Information Technology: New Generations, 2009. ITNG’09. Sixth International Conference on. IEEE, Piscataway, New Jersey, United States; 2009:504–509
66. Slone, S: Identity management. A white paper: The open group identity management work area; 2004
67. Sodhi G: User provisioning with SPML. Inf Secur Tech Rep 2004, 9(1):86–96. 10.1016/S1363-4127(04)00018-4
68. Subashini S, Kavitha V: A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 2011, 34: 1–11. Elsevier Elsevier 10.1016/j.jnca.2010.07.006
69. Suriadi S, Foo E, Jøsang A: A user-centric federated single sign-on system. J Netw Comput Appl 2009, 32: 388–401. Elsevier, 2009 Elsevier, 2009 10.1016/j.jnca.2008.02.016
70. Thompson, DR, Chaudhry N, Thompson CW: “RFID security threat model”. In the proceedings of Conference on Applied Research in Information Technology; 2006
71. Van der Hof S: Innovating Government: An Introduction to the Book (pp. 1–14). TMC Asser Press, R.J. Schimmelpennincklaan, JN Den Haag; 2011
72. Wang JJ, Mu S: “Security issues and countermeasures in cloud computing”. In Grey Systems and Intelligent Services (GSIS), 2011 IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:843–846
73. Wang L, Wang L, Mambo M, Okamoto E: New identity-based proxy re-encryption schemes to prevent collusion attacks. In Pairing-Based Cryptography-Pairing 2010. Springer, Berlin, Heidelberg; 2010:327–346
74. Windley PJ: Digital Identity. O’Reilly Media, Inc., Sebastopol, CA, USA; 2005
75. Yan L, Rong C, Zhao G: Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In Cloud Computing. Springer, Berlin, Heidelberg; 2009:167–177
76. Yassin AA, Jin H, Ibrahim A, Qiang W, Zou D: Efficient password-based two factors authentication in cloud computing. Int J Secur Appl 2012, 6: 143–148
77. You P, Peng Y, Liu W, Xue S: Security issues and solutions in cloud computing. In Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:573–577
78. Youseff L, Butrico M, Da Silva D: Toward a unified ontology of cloud computing. In Grid Computing Environments Workshop, 2008. GCE’08. IEEE, Piscataway, New Jersey, United States; 2008:1–10
79. Zhang Y, Chen JL: Universal identity management model based on anonymous credentials. In Services Computing (SCC), 2010 IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:305–312
80. Zissis D, Lekkas D: Addressing cloud computing security issues. Future Generat Comput Syst 2012, 28: 583–592. Elsevier, 2012 Elsevier, 2012 10.1016/j.future.2010.12.006
81. Zhou, Y, Feng D: Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. In IACR Cryptology ePrint Archive, Volume 2005; 2005:388