Identity and Access Management in the Cloud Computing Environments

Nowadays, the issue of identity and access management (IAM) has become an important research topic in cloud computing. In the distributed computing environments like cloud computing, effective authentication and authorization are essential to make sure that unauthorized users do not access the resources, thereby ensuring the confidentiality, integrity, and availability of information hosted in the cloud environment. In this chapter, the authors discuss the issue of identity and access management in cloud computing, analyzing the work carried out by others in the area. Also, various issues in the current IAM scenario in cloud computing, such as authentication, authorization, access control models, identity life cycle management, cloud identity-as-a-service, federated identity management and also, the identity and access management in the inter-cloud environment are discussed. The authors conclude this chapter discussing a few research issues in the area of identity and access management in the cloud and inter-cloud environments.

Download Full-text

Identity and Access Management in the Cloud Computing Environments

Identity Theft ◽

10.4018/978-1-5225-0808-3.ch003 ◽

2016 ◽

pp. 38-68

Author(s):

Manoj V. Thomas ◽

K. Chandrasekaran

Keyword(s):

Cloud Computing ◽

Identity Management ◽

Life Cycle Management ◽

Cloud Environment ◽

Access Management ◽

Access Control Models ◽

Important Research Topic ◽

Authentication And Authorization ◽

Computing Environments ◽

Federated Identity

Download Full-text

Authentication and Authorization Mechanism for Cloud Security

International Journal of Engineering and Advanced Technology - Regular Issue ◽

10.35940/ijeat.f8473.088619 ◽

2019 ◽

Vol 8 (6) ◽

pp. 2072-2078

Keyword(s):

Cloud Computing ◽

Identity Management ◽

High Reliability ◽

Cloud Security ◽

Access Management ◽

Storage Security ◽

Computational Evaluation ◽

Authentication And Authorization ◽

Application Access ◽

Directory Services

Cloud Computing is a most widespread and popular form of computing, promising high reliability for customers and providers both at the same point of time for many fields, where cloud storage security is based on Authentication and Authorization in cloud computing. Data is uploaded into a cloud and stored in a datacenter, Authentication and authorization are the major concerns to access the data stored in cloud by users from the data center. Security is a major issue; these are mainly deal with identity and access management, prevention of data loss and malware attack control management. In this paper we majorly concentrated on Authentication and Authorization to cloud access, we focused on identity management mechanism as cloud security solution that provides directory services for application access management. We discussed the protocols that support authorization and allows the communication across applications with the help of tokens instead of credentials. We even concentrated on the different mechanisms which plays a major role in designing a secured cloud computing architecture from malicious intrusions and attacks, it is a step to verify the presence and functioning of the cloud customers and cloud providers through security mechanisms to protect from different risks, threats and attacks. In this paper we discussed different security Algorithms and Authentication architecture along with the proposed algorithm, where analysis is done along with the computational evaluation with output

Download Full-text

An Unified Secured Cloud System for the Education Sector of India

Social, Legal, and Ethical Implications of IoT, Cloud, and Edge Computing Technologies - Advances in Information Security, Privacy, and Ethics ◽

10.4018/978-1-7998-3817-3.ch004 ◽

2020 ◽

pp. 69-102

Author(s):

Kimaya Arun Ambekar ◽

Kamatchi R.

Keyword(s):

Cloud Computing ◽

Network Security ◽

Access Control ◽

Identity Management ◽

Data Encryption ◽

Cloud Services ◽

Education Sector ◽

Cloud Environment ◽

The World ◽

Community Cloud

Cloud computing is based on years of research on various computing paradigms. It provides elasticity, which is useful in the situations of uneven ICT resources demands. As the world is moving towards digitalization, the education sector is expected to meet the pace. Acquiring and maintaining the ICT resources also necessitates a huge amount of cost. Education sector as a community can use cloud services on various levels. Though the cloud is very successfully running technology, it also shows some flaws in the area of security, privacy and trust. The research demonstrates a model in which major security areas are covered like authorization, authentication, identity management, access control, privacy, data encryption, and network security. The total idea revolves around the community cloud as university at the center and other associated colleges accessing the resources. This study uses OpenStack environment to create a complete cloud environment. The validation of the model is performed using some cases and some tools.

Download Full-text

Privacy Token Technique for Protecting User’s Attributes in a Federated Identity Management System for the Cloud Environment

2019 2nd International Conference of the IEEE Nigeria Computer Chapter (NigeriaComputConf) ◽

10.1109/nigeriacomputconf45974.2019.8949645 ◽

2019 ◽

Author(s):

Maria M. Abur ◽

Sahalu B. Junaidu ◽

Afolayan A. Obiniyi ◽

Saleh E. Abdullahi

Keyword(s):

Management System ◽

Identity Management ◽

Cloud Environment ◽

Identity Management System ◽

Federated Identity Management ◽

Federated Identity

Download Full-text

Security Challenges in Healthcare Cloud Computing: A Systematic Review

Global Journal of Health Science ◽

10.5539/gjhs.v9n3p157 ◽

2016 ◽

Vol 9 (3) ◽

pp. 157 ◽

Cited By ~ 14

Author(s):

Esmaeil Mehraeen ◽

Marjan Ghazisaeedi ◽

Jebraeil Farzi ◽

Saghar Mirshekari

Keyword(s):

Systematic Review ◽

Cloud Computing ◽

Access Control ◽

Identity Management ◽

Research Question ◽

Security And Privacy ◽

Healthcare Data ◽

Security Challenges ◽

Authentication And Authorization ◽

Hypervisor Security

BACKGROUND: Healthcare data are very sensitive records that should not be made available to unauthorized people in order for protecting patient's information security. However, in progressed technologies as cloud computing which are vulnerable to cyber gaps that pose an adverse impact on the security and privacy of patients’ electronic health records and in these situations, security challenges of the wireless networks need to be carefully understood and considered. Recently, security concerns in cloud computing environment are a matter of challenge with rising importance.OBJECTIVE: In this study a systematic review to investigate the security challenges in cloud computing was carried out. We focused mainly on healthcare cloud computing security with an organized review of 210 full text articles published between 2000 and 2015.METHOD: A systematic literature review was conducted including PubMed, Science direct, Embase, ProQuest, Web of science, Cochrane, Emerald, and Scopus databases.FINDINGS: Using the strategies described, 666 references retrieved (for research question one 365, research question two 201, and research question three 100 references).IMPROVEMENTS: Review of articles showed that for ensuring healthcare data security, it is important to provide authentication, authorization and access control within cloud's virtualized network. Issues such as identity management and access control, Internet-based access, authentication and authorization and cybercriminals are major concerns in healthcare cloud computing. To manage these issues many involved events such as Hybrid Execution Model, VCC-SSF, sHype Hypervisor Security Architecture, Identity Management, and Resource Isolation approaches have to be defined for using cloud computing threat management processes.

Download Full-text

Digital Identity Management in Cloud

Cloud Technology ◽

10.4018/978-1-4666-6539-2.ch076 ◽

2015 ◽

pp. 1660-1685

Author(s):

Vladimir Vujin ◽

Konstantin Simić ◽

Borko Kovačević

Keyword(s):

Identity Management ◽

End Users ◽

Learning System ◽

Cloud Environment ◽

Cross Domain ◽

E Learning ◽

Identity Management System ◽

Federated Identity ◽

Digital Identities ◽

Share Information

Existing approaches for management of digital identities within e-learning ecosystems imply defining different access parameters for each service or application. However, this can reduce system security and lead to insufficient usage of the services by end-users. This chapter investigates various approaches for identity management, particulary in a cloud computing environment. Several complex issues are discussed, such as cross-domain authentication, provisioning, multi-tenancy, delegation, and security. The main goal of the research is to provide a highly effective, scalable identity management for end-users in an educational private cloud. A federated identity concept was introduced as a solution that enables organizations to implement secure identity management and to share information on the identities of users in the cloud environment. As a proof of concept, the identity management system was implemented in the e-learning system of Faculty of Organizational Sciences, University of Belgrade.

Download Full-text

Implementing Hybrid Security Mechanism for Cloud Considering Intrusion, Sql Injection and Performance Degradation

International Journal of Recent Technology and Engineering - 2 ◽

10.35940/ijrte.f5525.039621 ◽

2021 ◽

Vol 9 (6) ◽

pp. 142-150

Author(s):

Manju Sharma ◽

Mukesh Kumar Sharma

Keyword(s):

Cloud Computing ◽

Identity Management ◽

Intelligent System ◽

Training Model ◽

Research Paper ◽

Cloud Services ◽

Cloud Environment ◽

Security Threat ◽

Services Research ◽

Sql Injection

Considering the demand of cloud services research has considered the issues or problems related to cloud computing. Various approaches adopted by existing research have limited scope and there is need to increase the security of cloud computing environment. The issues of security threat in cloud environment are explained in this paper. There have been several security threats to cloud environment such as Intrusion, brute force, Sql injection, Trozen horse that could affect the security of cloud services. There remains issue of Un-authentic access. Moreover the identity management is becoming a great challenge. Previous researches have proposed cryptographic approach while some provided solution to hacking attempts along with unauthentic external access but these security mechanisms are not sufficient to protect the cloud. Research paper is introducing intelligent system that is capable to trace the intrusion using LSTM based training model. The model is trained in order to categorize intrusion accordingly. The focus of research is to increase the security from intrusion by providing intelligent LSTM approach. This mechanism would classify the transmission in different categories such as Dos-synflooding, MITM ARP spoofing, Mirai-Ackflooding, Mirai-Http flooding, Mirai-Hostbruteforceg, Mirai-UDP Flooding, scan hostport and Normal. Moreover research paper has focused on prevention of Sql injection attacks. In order to increase the security between sender and receiver research has also allowed two way port based hand shaking in order to transmit data more securely. The transmission would be initiated using default port but the actual transmission would be made using random port that would be set for specific time slot.

Download Full-text

Security strategies for cloud identity management - a study

International Journal of Engineering & Technology ◽

10.14419/ijet.v7i2.10410 ◽

2018 ◽

Vol 7 (2) ◽

pp. 732 ◽

Cited By ~ 1

Author(s):

Anilkumar Chunduru ◽

Sumathy S

Keyword(s):

Cloud Computing ◽

Access Control ◽

Resource Sharing ◽

Large Scale ◽

Identity Management ◽

Critical Infrastructure ◽

Critical Issue ◽

Government Organizations ◽

Control Schemes ◽

Federated Identity

Emphasis on security for providing Access Control in Cloud computing environment plays a significant role. Cloud computing provides number of benefits such as resource sharing, low speculation and large storage space. Huge amount of information stored in cloud can be accessed from anywhere, anytime on pay-per use basis. Resources in cloud should be accessed only by the authorized clients. Access Control in cloud computing has become a critical issue due to increasing number of users experiencing dynamic changes. Authentication, authorization and approval of the access ensuring liability of entities from login credentials including passwords and biometric scan is essential. Also, the federated authentication management is secured. Current approaches require large-scale distributed access control in cloud environment. Data security and access control are the drawbacks in existing access control schemes. Due to the drawbacks in existing access control schemes such as privacy of information when susceptible information is stored in intermediary service provider a federated identity access management is essential. Access control applications majorly concentrate on Healthcare, Government Organizations, Commercial, Critical Infrastructure and Financial Institutions. This review illustrates a detailed study of access control models in cloud computing and various cloud identity management schemes.

Download Full-text

A Smart Biometric Identity Management Framework for Personalised IoT and Cloud Computing-Based Healthcare Services

Sensors ◽

10.3390/s21020552 ◽

2021 ◽

Vol 21 (2) ◽

pp. 552

Author(s):

Farnaz Farid ◽

Mahmoud Elkhodr ◽

Fariza Sabrina ◽

Farhad Ahamed ◽

Ergun Gide

Keyword(s):

Cloud Computing ◽

Identity Management ◽

Homomorphic Encryption ◽

Healthcare Services ◽

Healthcare Systems ◽

Security And Privacy ◽

Management Framework ◽

Personalized Healthcare ◽

Authentication Mechanism ◽

Federated Identity

This paper proposes a novel identity management framework for Internet of Things (IoT) and cloud computing-based personalized healthcare systems. The proposed framework uses multimodal encrypted biometric traits to perform authentication. It employs a combination of centralized and federated identity access techniques along with biometric based continuous authentication. The framework uses a fusion of electrocardiogram (ECG) and photoplethysmogram (PPG) signals when performing authentication. In addition to relying on the unique identification characteristics of the users’ biometric traits, the security of the framework is empowered by the use of Homomorphic Encryption (HE). The use of HE allows patients’ data to stay encrypted when being processed or analyzed in the cloud. Thus, providing not only a fast and reliable authentication mechanism, but also closing the door to many traditional security attacks. The framework’s performance was evaluated and validated using a machine learning (ML) model that tested the framework using a dataset of 25 users in seating positions. Compared to using just ECG or PPG signals, the results of using the proposed fused-based biometric framework showed that it was successful in identifying and authenticating all 25 users with 100% accuracy. Hence, offering some significant improvements to the overall security and privacy of personalized healthcare systems.

Download Full-text

A Comprehensive Survey and Analysis on Access Control Schemes in Cloud Environment

Cybernetics and Information Technologies ◽

10.1515/cait-2016-0002 ◽

2016 ◽

Vol 16 (1) ◽

pp. 19-38 ◽

Cited By ~ 4

Author(s):

P. G. Shynu ◽

K. John Singh

Keyword(s):

Cloud Computing ◽

Access Control ◽

Security Requirements ◽

Future Research ◽

Cloud Environment ◽

Access Control Models ◽

Control Models ◽

Outsourced Data ◽

Comprehensive Survey ◽

Cloud Technologies

Abstract Cloud computing has emerged as the most dominant computational paradigm in recent times. There are tremendous benefits for enterprises adopting cloud technologies. It provides resources and services on demand, pay-as-you go basis. This includes infrastructure, platform and software services. But there are still a number of security threats and challenges associated with utilizing cloud computing. A proper access control is the fundamental security requirement in any cloud environment, to avoid unauthorized access to the cloud systems. As cloud computing supports multi-tenancy and has a various categories of users with different sets of security requirements, traditional access control models and policies cannot be used. This paper discusses on various access control models used for cloud environment and presents a detailed requirement analysis for developing an access control, specifically for the cloud. A comprehensive study on various security problems associated with outsourced data on the cloud and their existing solutions are also described, with the future research directions.

Download Full-text