Authentication and Identity Management for Secure Cloud Businesses and Services

2014 ◽

pp. 180-201 ◽

Cited By ~ 1

Author(s):

Bing He ◽

Tuan T. Tran ◽

Bin Xie

Keyword(s):

Access Control ◽

Identity Management ◽

Service Providers ◽

Cloud Service ◽

Data Access ◽

Fine Grained ◽

Industry Standards ◽

Cloud Service Providers ◽

Potential Benefits ◽

Identity Management System

Today, cloud-based services and applications are ubiquitous in many systems. The cloud provides undeniable potential benefits to the users by offering lower costs and simpler deployment. The users significantly reduce their system management responsibilities by outsourcing services to the cloud service providers. However, the management shift has posed significant security challenges to the cloud service providers. Security concerns are the main reasons that delay organizations from moving to the cloud. The security and efficiency of user identity management and access control in the cloud needs to be well addressed to realize the power of the cloud. In this chapter, the authors identify the key challenges and provide solutions to the authentication and identity management for secure cloud business and services. The authors first identify and discuss the challenges and requirements of the authentication and identity management system in the cloud. Several prevailing industry standards and protocols for authentication and access control in cloud environments are provided and discussed. The authors then present and discuss the latest advances in authentication and identity management in cloud, especially for mobile cloud computing and identity as a service. They further discuss how proximity-based access control can be applied for an effective and fine-grained data access control in the cloud.

Download Full-text

Migration of Data between Cloud and Non-Cloud Datastores

Migrating Legacy Applications ◽

10.4018/978-1-4666-2488-7.ch009 ◽

2012 ◽

pp. 206-225

Author(s):

Shreyansh Bhatt ◽

Sanjay Chaudhary ◽

Minal Bhise

Keyword(s):

Relational Databases ◽

Service Providers ◽

Cloud Service ◽

Data Access ◽

Data Migration ◽

Cloud Service Providers ◽

Application Data ◽

And Migration ◽

Legacy Applications ◽

Recent Attention

The on demand services and scalability features of cloud computing have attracted many customers to move their applications into the cloud. Therefore, application, data access, storage, and migration to and from cloud have garnered much recent attention, especially with well-established legacy applications. Cloud service providers are following different standards to host applications and data. In the present chapter, the authors focus on data migration from various datastores to cloud and vice versa. They have discussed various challenges associated with this reciprocal migration and proposed a simple yet powerful model whereby data can be migrated between various datastores, especially cloud datastores. The results show an efficient way to move data from conventional relational databases to Google App Engines and how data residing in the Google App Engines can be stored on relational databases and vice versa. They provide a generalized architecture to store data in any cloud datastore. The authors use RDF/RDFS as an intermediate model in the migration process.

Download Full-text

Modeling the Ranking of Evaluation Criteria for Cloud Services

International Journal of Electronic Government Research ◽

10.4018/ijegr.2018040105 ◽

2018 ◽

Vol 14 (2) ◽

pp. 64-82 ◽

Cited By ~ 1

Author(s):

Kshitij Kushagra ◽

Sanjay Dhingra

Keyword(s):

Service Providers ◽

Evaluation Criteria ◽

Cloud Service ◽

Cloud Services ◽

End User ◽

Government Organizations ◽

Industry Standards ◽

Capability Analysis ◽

Cloud Service Providers ◽

Common Framework

The cloud market has become increasingly dense as vendors of all size compete for customers who have gravitated to technology as a way to run their operations. Today traditional players, as well as new vendors, are showing greater agility in the cloud business of India. At present, there are limited industry standards for the cloud-related businesses to assess their services. End-user government departments are puzzled as to which CSP is best suited for their requirements. An evaluation of cloud service providers should not only be driven by cost, but importance should also be given towards service provider ability and commitment to deliver the services. The absence of a common framework to assess the evaluation criteria of CSPs, combined with the fact that no two CSPs are the same, complicates the matter of CSP selection. This article proposes a framework for ranking of evaluation criteria for CSPs. The framework leverages the capability analysis of CSPs, measurable metrics and ranks the evaluation criteria for assessing the best CSP suitable for end-user government organizations.

Download Full-text

A Privacy-Preserving Attribute-Based Encryption System for Data Sharing in Smart Cities

Wireless Communications and Mobile Computing ◽

10.1155/2021/6686675 ◽

2021 ◽

Vol 2021 ◽

pp. 1-15

Author(s):

Xieyang Shen ◽

Chuanhe Huang ◽

Danxin Wang ◽

Jiaoli Shi

Keyword(s):

Data Sharing ◽

Service Providers ◽

Smart Cities ◽

Information Leakage ◽

Cloud Service ◽

Data Access ◽

Smart Devices ◽

Fine Grained ◽

Data Access Control ◽

High Level

Information leakage and efficiency are the two main concerns of data sharing in cloud-aided IoT. The main problem is that smart devices cannot afford both energy and computation costs and tend to outsource data to a cloud server. Furthermore, most schemes focus on preserving the data stored in the cloud but omitting the access policy is typically stored in unencrypted form. In this paper, we proposed a fine-grained data access control scheme based on CP-ABE to implement access policies with a greater degree of expressiveness as well as hidden policies from curious cloud service providers. Moreover, to mitigate the extra computation cost generated by complex policies, an outsourcing service for decryption can be used by data users. Further experiments and extensive analysis show that we significantly decrease the communication and computation overhead while providing a high-level security scheme compared with the existing schemes.

Download Full-text

Modeling the Ranking of Evaluation Criteria for Cloud Services

Cloud Security ◽

10.4018/978-1-5225-8176-5.ch015 ◽

2019 ◽

pp. 308-327

Author(s):

Kshitij Kushagra ◽

Sanjay Dhingra

Keyword(s):

Service Providers ◽

Evaluation Criteria ◽

Cloud Service ◽

Cloud Services ◽

End User ◽

Government Organizations ◽

Industry Standards ◽

Capability Analysis ◽

Cloud Service Providers ◽

Common Framework

The cloud market has become increasingly dense as vendors of all size compete for customers who have gravitated to technology as a way to run their operations. Today traditional players, as well as new vendors, are showing greater agility in the cloud business of India. At present, there are limited industry standards for the cloud-related businesses to assess their services. End-user government departments are puzzled as to which CSP is best suited for their requirements. An evaluation of cloud service providers should not only be driven by cost, but importance should also be given towards service provider ability and commitment to deliver the services. The absence of a common framework to assess the evaluation criteria of CSPs, combined with the fact that no two CSPs are the same, complicates the matter of CSP selection. This article proposes a framework for ranking of evaluation criteria for CSPs. The framework leverages the capability analysis of CSPs, measurable metrics and ranks the evaluation criteria for assessing the best CSP suitable for end-user government organizations.

Download Full-text

HNSciCloud, a Hybrid Cloud for Science

EPJ Web of Conferences ◽

10.1051/epjconf/201921409006 ◽

2019 ◽

Vol 214 ◽

pp. 09006

Author(s):

João Fernandes ◽

Bob Jones ◽

Sergey Yakubov ◽

Andrea Chierici

Keyword(s):

Service Providers ◽

Cloud Service ◽

Data Access ◽

Cloud Services ◽

Use Cases ◽

Hybrid Cloud ◽

Network Bandwidth ◽

It Resources ◽

Cloud Service Providers ◽

Research Organisations

Helix Nebula Science Cloud (HNSciCloud) has developed a hybrid cloud platform that links together commercial cloud service providers and research organizations’ in-house IT resources via the GEANT network. The platform offers data management capabilities with transparent data access where applications can be deployed with no modifications on both sides of the hybrid cloud and with compute services accessible via eduGAIN [1] and ELIXIR [2] federated identity and access management systems. In addition, it provides support services, account management facilities, full documentation and training. The cloud services are being tested by a group of 10 research organisations from across Europe [3], against the needs of use-cases from seven ESFRI infrastructures [4]. The capacity procured by ten research organisations from the commercial cloud service providers to support these use-cases during 2018 exceeds twenty thousand cores and two petabytes of storage with a network bandwidth of 40Gbps. All the services are based on open source implementations that do not require licenses in order to be deployed on the in-house IT resources of research organisations connected to the hybrid platform. An early adopter scheme has been put in place so that more research organisations can connect to the platform and procure additional capacity to support their research programmes.

Download Full-text

Identity Management Systems

International Journal of Strategic Decision Sciences ◽

10.4018/ijsds.2018010105 ◽

2018 ◽

Vol 9 (1) ◽

pp. 63-78 ◽

Cited By ~ 8

Author(s):

Vikas Kumar ◽

Aashish Bhardwaj

Keyword(s):

Access Control ◽

Management System ◽

Identity Management ◽

Service Providers ◽

Management Systems ◽

Role Based Access Control ◽

Central Administration ◽

Digital World ◽

Identity Management Systems ◽

Identity Management System

This article describes how in today's digital world, customers have made it a common practice to maintain user accounts with different service providers to access a range of services. In such environment, all attributes of the identity must be verified to operate, otherwise the resources would be vulnerable to financial and data loss. This article contends that makes it important to form an Identity Management System, which could provide central administration, user self- service, role based access control and integrated user management. Identity Management becomes very much vital for the environment working with multiple technologies, as it governs an entity (i.e. a human or a software agent) to authenticate and authorize for accessing the network via multiple technologies. Successful Identity Management increases the efficiency, security, access control and decreases the complexity, cost and many repetitive works. Essential features of present day identity management systems have been identified in the present work. A comparative analysis of these identity management systems has been carried out to establish the present-day industry practices. Along with that, specific challenges to the present-day identity management systems have been identified. The article helps in the identification of suitable Identity Management System for specific applications.

Download Full-text

Addressing Semantics Standards for Cloud Portability and Interoperability in Multi Cloud Environment

Symmetry ◽

10.3390/sym13020317 ◽

2021 ◽

Vol 13 (2) ◽

pp. 317

Author(s):

Chithambaramani Ramalingam ◽

Prakash Mohan

Keyword(s):

Service Providers ◽

Research Work ◽

Cloud Service ◽

Cloud Services ◽

Cloud Environment ◽

Cloud Service Providers ◽

Application Programming ◽

Increasing Demand ◽

Programming Interfaces ◽

Multi Cloud

The increasing demand for cloud computing has shifted business toward a huge demand for cloud services, which offer platform, software, and infrastructure for the day-to-day use of cloud consumers. Numerous new cloud service providers have been introduced to the market with unique features that assist service developers collaborate and migrate services among multiple cloud service providers to address the varying requirements of cloud consumers. Many interfaces and proprietary application programming interfaces (API) are available for migration and collaboration services among cloud providers, but lack standardization efforts. The target of the research work was to summarize the issues involved in semantic cloud portability and interoperability in the multi-cloud environment and define the standardization effort imminently needed for migrating and collaborating services in the multi-cloud environment.

Download Full-text