
Abstract

Cloud Computing is a technology that aims to provide on-demand, scalable services over the Internet, delivered by Cloud vendors to multi-tenant organizations. Enterprises are interested in moving their on-premises infrastructure into the cloud. However, they remain concerned about the security risks of placing their resources within the cloud computing environment.

First, this research presents the fundamentals of Cloud Computing. It then classifies the technical security aspects of Cloud Computing from two perspectives: web application security issues and virtualization security issues. For both, the threats are presented together with their mitigation techniques, which reinforces the need for an adequate Identity and Access Management architecture for Cloud Computing.

Further, this paper addresses the Identity and Access Management (IAM) security category of the Cloud Computing field, which includes the security requirements, the standards of interest and the current Identity and Access Management solutions.

A trusted Identity and Access Management architecture for cloud services presupposes establishing the list of security requirements and using suitable standards. The paper also presents an evaluation of the existing Identity and Access Management solutions.



Copyright information

© 2013 Springer-Verlag Berlin Heidelberg

About this chapter

Cite this chapter

Lonea, A.M., Tianfield, H., Popescu, D.E. (2013). Identity Management for Cloud Computing. In: Balas, V., Fodor, J., Várkonyi-Kóczy, A. (eds) New Concepts and Applications in Soft Computing. Studies in Computational Intelligence, vol 417. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-28959-0_11


  • DOI: https://doi.org/10.1007/978-3-642-28959-0_11

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-28958-3

  • Online ISBN: 978-3-642-28959-0

  • eBook Packages: Engineering, Engineering (R0)
