DocumentCode :
699089
Title :
Identity Management in Cloud Computing through Claim-Based Solution
Author :
Singh, Ashish ; Chatterjee, Kakali
Author_Institution :
Comput. Sci. & Eng., Nat. Inst. of Technol., Patna, India
fYear :
2015
fDate :
21-22 Feb. 2015
Firstpage :
524
Lastpage :
529
Abstract :
In the last few years, many organizations/users have adopted cloud storage systems. These storage systems provide a large virtual storage. When people move from web applications to cloud computing platform, their main concern point is how-to raise privacy of user´s sensitive data in cloud infrastructure. The traditional form of accessing cloud services is to use a username and password as a security token. During login/access time, new security risk may arise like virtualization attack, account/password sniffing, or phishing attack. Hence, cloud service provider (CSP) does not provide a complete security. Even though existing authentication scheme have addressed various security properties, there is still need of a secure authentication mechanism. This paper describes the need of claim-based identity management system, the basic terminology that is used in claim based approach and what is the advantage to use this approach. This paper proposes a model to extend the claim-based identity management scheme for cloud applications and provide a more secure way to access the cloud services. In this scheme, a new form of Security Assertion Markup Langauge (SAML) security tokens are created for identity, supported by Windows Communication Foundation (WCF) and hence, can prove more reliable with single interoperable approach to identify the works more secure in every situation in the cloud computing environment.
Keywords :
cloud computing; virtual storage; CSP; SAML security tokens; Security Assertion Markup Langauge; WCF; Web applications; Windows Communication Foundation; account/password sniffing; claim-based identity management scheme; claim-based identity management system; claim-based solution; cloud computing environment; cloud computing platform; cloud infrastructure; cloud service provider; cloud services; cloud storage systems; phishing attack; secure authentication mechanism; user sensitive data; username; virtual storage; virtualization attack; Authentication; Browsers; Cloud computing; Electronic mail; Organizations; Protocols; Claim; Cloud Computing; Federation Provide; Identity Providers; Security Token Service;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Advanced Computing & Communication Technologies (ACCT), 2015 Fifth International Conference on
Conference_Location :
Haryana
Print_ISBN :
978-1-4799-8487-9
Type :
conf
DOI :
10.1109/ACCT.2015.89
Filename :
7079139
Link To Document :
بازگشت