A Survey on Privacy Enhancement in Cloud Computing using Identity Management

Abstract
Authors
Keywords
Conclusion
References

Cloud computing is a better way to increase the capabilities dynamically without the expenses spent in new infrastructure or licensing new software. Though cloud computing is providing better utilization of resources by virtualization techniques and taking up much of the work load from the user, it is fraught with security risks. Traditional identity management systems are designed to be cost effective and scalable primarily for the service providers, but not necessarily for the users, which often results in poor usability. Users are often required to memorize multiple passwords for accessing various services from different service providers. In this paper, a survey of the different security risks that pose a threat to the cloud is presented. This paper compares various identity management models and paradigms and the results are summarized in the form of table.

Published In : IJCSN Journal Volume 2, Issue 6

Date of Publication : 01 December 2013

Pages : 94 - 102

Figures : 07

Tables : 02

Publication Link : ijcsn.org/IJCSN-2013/2-6/IJCSN-2013-2-6-141.pdf

M. Janaki : Assistant Professor, Dr.Umayal Ramanathan College for Women, Karaikudi, Tamilnadu, India

Dr.M.Ganaga Durga : Assistant Professor, Government Arts College for Women, Sivaganga, Tamilnadu, India

Cloud computing

Security issues

Identity management

Federated

User-centric

Personal authentication device

An integrated security model targeting different levels of security of data for a typical cloud infrastructure is under research. We intend to develop a framework to enhance privacy in cloud computing using user-centric identity management. This framework would be providing ‘Security as a Service’ to the applications by providing security as a single-tier or a multi-tier based on the application’s requirement and addition to it, the tiers are enabled to change dynamically making the security system less predictable. Though there are many practical concerns regarding to dynamic security, our research is much concentrated to derive a better approach which targets these concepts and provide a practical solution for the cloud computing security risks. The future direction of our research is to strengthen cloud security by using identity based cryptography in user centric identity management.

[1] Peter Mell, Timothy Grance, “The NIST Definition of Cloud Computing (Draft)”, Special Publication 800-145 (Draft). Recommendations of the National Institute of Standards and Technology. U.S. Department of commerce. January 2011.

[2] Subashini S, Kavitha V. A survey on security issues in service delivery models of cloud computing. J Network Comput Appl (2010), doi:10.1016/j.jnca.2010.07.006.

[3] Anu Gopalakrishnan, “Cloud Computing Identity Management” SETLabs Briefings VOL 7 NO 7 2009.

[4] Audun Jøsang, Simon Pope “User Centric Identity Management”, AusCERT Conference 2005. Co-operative Research Centre for Enterprise Distributed Systems Technology (DSTC) through the Australian Federal Government’s CRC Programme (Department of Education, Science, and Training).

[5] Michael Armbrust, Armando Fox, Rean Griffith, Anthony D. Joseph, Randy H. Katz, Andrew Konwinski, Gunho Lee, David A. Patterson, Ariel Rabkin, Ion Stoica, Matei Zaharia “Above the Clouds: A Berkeley View of Cloud Computing” Technical Report No. UCB/EECS-2009-28. http://www.eecs.berkeley.edu/Pubs/TechRpts/2009/EECS-2009-28.html

[6] R. Buyya, et al., Cloud computing and emerging IT platforms: Vision, hype, and reality for delivering computing as the 5th utility, Future Generation Computer Systems (2009), doi:10.1016/j.future.2008.12.001.

[7] Qi Zhang , Lu Cheng, Raouf Boutaba “Cloud computing: state-of-the-art and research challenges” J Internet Serv Appl (2010) 1: 7–18. DOI 10.1007/s13174-010-0007-6 © The Brazilian Computer Society 2010, Springer.

[10] Deyan Chen, Hong Zhao “Data Security and Privacy Protection Issues in Cloud Computing” 2012 International Conference on Computer Science and Electronics Engineering. 978-0-7695-4647-6/12 $26.00 © 2012 IEEE. DOI 10.1109/ICCSEE.2012.193.

[11] Wayne Jansen, Timothy Grance “Guidelines on Security and Privacy in Public Cloud Computing” Special Publication 800-145 (Draft). Recommendations of the National Institute of Standards and Technology. U.S. Department of commerce. December 2011.

[12] Rohit Ranchal, Bharat Bhargava, Lotfi Ben Othmane, Leszek Lilien, “Protection of Identity Information in Cloud Computing without Trusted Third Party”, 1060-9857/10 $26.00 © 2010 IEEE. DOI 10.1109/SRDS.2010.57.

[15] Michael Koch, Wolfgang Worndl, “Community Support and Identity Management”, Proceedings of the Seventh European Conference on Computer-Supported Cooperative Work, 16-20 September 2001, Bonn, Germany, pp 319-338 © 2001 Kluwer Academic Publishers Printed in the Netherlands.

[17] Abha Sachdev, Mohit Bhansali, “Enhancing Cloud Computing Security using AES Algorithm”, Published by the International Journal of Computer Applications(0975-8887), Volume 67-N0.9, April 2013.

[18] Safiyyah srour, Gary Taylor, “Cloud Computing Based Cryptography”, Published by the European Journal of Computer Science and Engineering, Vol.10 2013, ISSN(paper) 2668-3113 ISSN(online) 2668-3415.

[19] Zhiwei Wang, Guozi Sun, Danwei Chen, “ A New definition of Homomorphic signature for identity management in mobile cloud computing” Published by the Journal of Computer and System Sciences (2013), http://dx.doi.org/10.1016/j.jcss.2013.06.010.

[20] Rohit Ranchal, Bharat Bhargava, Lotfi Ben Othmane, Leszek Lilien, Anya Kim, myong Kand, Mark Linderman, “Protection of Identify Information Cloud Computing without Trusted Third Party”, Published by 29th IEEE International Symposium on Reliable Distributed Systems. DOI 10.1109/SRDS.2010.57.