DocumentCode :
3532933
Title :
Platform capability based identity management for scalable and secure cloud service access
Author :
Bhargav-Spantzel, A. ; Deutsch, S.W.
fYear :
2012
fDate :
3-7 Dec. 2012
Firstpage :
763
Lastpage :
768
Abstract :
In the past, identity management solutions evolved to solve the challenges with username/password based systems to provide a seamless single sign-on (SSO) experience for the user. With the advent of large scale cloud services, the existing SSO solutions for authentication using only username/password need to be revisited. We propose the use of platform capabilities and integrated credentials as criteria for doing the authentication and authorization of the respective cloud service requesters. Cloud service requesters can be any type of device, including PCs, TVs, laptops, phones, tablets and so on. Based on the device type, the capabilities can offer information that may be necessary and sometimes sufficient to provide access to a given service. More specifically, a user may not have to enroll to get certain types of cloud services because the platform capabilities and intrinsic certificates may be sufficient without user specific information or input. For example, if a device can provide secure geo specific information, then services which are provided for devices in a certain geo can be qualified based on the provided geo information without any additional input. For services that are controlled for enrolled users, instead of establishing a username/password, PKI certificates can be embedded on the device, which is secured using the platform capabilities. This will allow secure yet seamless access to such cloud services. Such a model, where user ID is not mandatory but definitely available per service requirements, allows for enhanced privacy without jeopardizing security. Additionally, the flexibility of such a model may allow the scaled identity management policies as required for various types of cloud services.
Keywords :
cloud computing; message authentication; public key cryptography; PKI certificates; SSO; enhanced privacy; large scale cloud services; platform capability based identity management; scalable cloud service access; seamless single sign-on; secure cloud service access; secure geo specific information; username-password based systems; Access control; Data privacy; Hardware; Licenses; Materials; Privacy; Identity Management; Privacy; Security; Trusted Computing;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Globecom Workshops (GC Wkshps), 2012 IEEE
Conference_Location :
Anaheim, CA
Print_ISBN :
978-1-4673-4942-0
Electronic_ISBN :
978-1-4673-4940-6
Type :
conf
DOI :
10.1109/GLOCOMW.2012.6477671
Filename :
6477671