Authenticated Dictionary-Based Attribute Sharing in Federated Identity Management

Shin, Dongwan; Lopes, Rodrigo; Claycomb, William R.

doi:10.1109/itng.2009.193

Cited by 7 publications

(10 citation statements)

References 8 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…The paper [34] addresses the problem of provenance and how to encrypt search while protecting confidentiality of data provenance stored in the cloud. The proposed system is capable of handling complex queries for data search, finally, the system entities do not share any keys and even if a compromised User (or Auditor) is revoked, the system would be able to perform its intended operations without requiring re-encryption.…”

Section: Related Workmentioning

confidence: 99%

Enhancing Data Security and Access Control in Cloud Environment using Modified Attribute Based Encryption Mechanism

Naik¹,

Damahe²

2016

IJCNIS

View full text Add to dashboard Cite

Social networking and growing popularity of cloud services have made everyone to communicate each other in an easiest way. File sharing and distribution are the frequently used services provided by cloud service providers, although these facilities reduce cost of data sharing but at the same time data security and access control is the major problem. Many renowned service providers have faced the challenges to secure data and provide better access control, and we know once the data is leaked we cannot recover the data loss. Thus in order to ensure better security we need for focus on the two major problems, and those are access control and encryption policy. Cipher text policy attribute based encryption is the most effective solution for access control in real time scenarios where owner can actually decide the access rights for the end-user, but it comes with key escrow problem. We are proposing our modified escrow-free key issuing protocol to solve the problem of key escrow and our Modified Attribute Based Encryption scheme to achieve all security requirements to get a robust and secure system. Further we evaluate our model on the basis of results and lastly we conclude the paper.

show abstract

Section: Related Workmentioning

confidence: 99%

Enhancing Data Security and Access Control in Cloud Environment using Modified Attribute Based Encryption Mechanism

Naik¹,

Damahe²

2016

IJCNIS

View full text Add to dashboard Cite

show abstract

“…Federated Cloud IDMS Federated Cloud identity management system is the realization of federated identity management model that enables the subscribers of multiple organizations to use the same identification information for acquiring access to all the networks within any particular trusted group of enterprises (Cao and Yang 2010;Chen et al 2012;Jøsang et al 2005). Federated Cloud Identity management system has received significant attention from the IT industry because of its design agility that inherently allows cross-domain access to its users by eliminating the need of creating additional user accounts for external parties (Arias-Cabarcos et al 2012;Shin et al 2009;Suriadi et al 2009). Federated IDMS follows the distributed storage architecture, where identity information is stored at multiple locations.…”

Section: Deployment Based Classificationmentioning

confidence: 99%

“…Authentication is the process of verification that ensures whether the person or the application is actually the one or who it claims to be (Jansen 2011;Pashalidis and Mitchell 2003;Shin et al 2009;Slone 2004;Subashini and Kavitha 2011;Windley 2005;You et al 2012). In the multi-tenant Cloud environment, users and computer programs are required to prove their identity/legitimacy to the authentication service whenever they attempt to access some application or while acquiring a web resource.…”

Section: Authenticationmentioning

confidence: 99%

“…Identity federation has two meanings: it can be a method of associating and communicating a person's digital identity and attributes that are stored across multiple Cloud based IDMSs or it could be any standard, contract and technology that make the identity information movable across independent domains (Arias-Cabarcos et al 2012; Chen and Zhao 2012; Shin et al 2009;Slone 2004;Suriadi et al 2009). Identity federation plays the key role in securing user credentials while moving towards the Cloud.…”

Section: Identity Federationmentioning

confidence: 99%

See 1 more Smart Citation

Cloud identity management security issues & solutions: a taxonomy

Habiba

Masood

Shibli

et al. 2014

Complex Adapt Syst Model

View full text Add to dashboard Cite

Purpose: Cloud computing systems represent one of the most complex computing systems currently in existence. Current applications of Cloud involve extensive use of distributed systems with varying degree of connectivity and usage. With a recent focus on large-scale proliferation of Cloud computing, identity management in Cloud based systems is a critical issue for the sustainability of any Cloud-based service. This area has also received considerable attention from the research community as well as the IT industry. Numerous Cloud Identity Management Systems (IDMSs) have been proposed so far; however, most of those systems are neither widely accepted nor considered highly reliable due to their constraints in terms of scope, applicability and security. In order to achieve reliability and effectiveness in IDMs for Cloud, further extensive research needs to be carried out to critically examine Cloud based IDMSs and their level of security. Methods: In this work, we have holistically analyzed Cloud IDMSs to better understand the general as well as the security aspects of this domain. From the security perspective, we present a comprehensive list of attacks that occur frequently in Cloud based IDMSs. In order to alleviate those attacks, we present a well-organized taxonomy tree covering the most desired features essential for any Cloud-based IDMSs. Additionally, we have specified various mechanisms of realization (such as access control polices, encryption, self-service) against each of the features of Cloud IDMSs. We have further used the proposed taxonomy as an assessment criterion for the evaluation of Cloud based IDMSs. Results: Our in-depth analysis of various Cloud based IDMSs reveals that most of the systems do not offer support to all the essential features of Cloud IDMS and the ones that do, have their own certain weaknesses. None of the discussed techniques heuristically covers all the security features; moreover, they lack compliance to international standards which, understandably, undermines their credibility. Conclusion: Presented work will help Cloud subscribers and providers in understanding the available solutions as well as the involved risks, allowing them to make more knowledgeable decisions while selecting potential Cloud IDMSs that best suits their functional and security requirements.

show abstract

“…One of the best known examples is based on the Merkle hash tree [6]. Recently, ADT-based approaches to designing a credential system that allows users to selectively disclose their attributes have been made in [7], [8], and they are based on skip lists [9], [10]. A skip list is a data structure that allows the effective search and update of elements within a set.…”

Section: B Selective Attribute Disclosure and Sharingmentioning

confidence: 99%

A Framework for Enabling User-Controlled Persona in Online Social Networks

Shin

Lopes

Claycomb

et al. 2009

2009 33rd Annual IEEE International Computer Software and Applications Conference

Self Cite

View full text Add to dashboard Cite

Abstract-As the use of personal information in social network sites seems manifold, including the representation of an individual's digital persona (or social role) and identification, so does the abuse or misuse of the information. The issue of privacy is critically important in this context. In this paper we present a novel framework for enabling user-controlled sharing of sensitive personal information for better privacy protection in current online social networks. Specifically, the framework called U-Control is proposed to facilitate digital persona and privacy management (DPPM) in a user-centric way that it can satisfy diverse privacy requirements and specification, and social network environments. We discuss the design of a security system based on the proposed framework. Finally we discuss a proof-of-concept implementation, along with performance evaluation.

show abstract

Authenticated Dictionary-Based Attribute Sharing in Federated Identity Management

Cited by 7 publications

References 8 publications

Enhancing Data Security and Access Control in Cloud Environment using Modified Attribute Based Encryption Mechanism

Enhancing Data Security and Access Control in Cloud Environment using Modified Attribute Based Encryption Mechanism

Cloud identity management security issues & solutions: a taxonomy

A Framework for Enabling User-Controlled Persona in Online Social Networks

Contact Info

Product

Resources

About