Skip to main content
SpringerLink
Log in

User-Centric Identification Management for Cross Realm Cloud and Ubiquitous Computing

  • Conference paper
  • First Online:
Future Information Technology, Application, and Service

Part of the book series: Lecture Notes in Electrical Engineering ((LNEE,volume 164))

  • 1729 Accesses

Abstract

User identification is undoubtedly important in cyber world. Traditionally, services use login name and password to verify a user. With the rising services of cloud and ubiquitous computing, it becomes a burden for users to memorize all their login name and password pairs for each service they need. Although the advance of new technologies brings us new authentication channels, the purpose of these technologies are for the service provider to be convinced the claimer is really who he or she claims. Few of them have ever concerned about user’s anonymity. In this paper, a novel credential based user-centric identification management based on the federated model is proposed. It satisfies the essential of user-centric and ubiquitous computing. Besides, the method keeps the user-centric consideration about anonymity. It supports all the anonymous, pseudonymous, and veronymous identity for user with single-sign-on.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 169.00
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 219.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info
Hardcover Book
USD 219.99
Price excludes VAT (USA)
  • Durable hardcover edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. Olden, E.: Architecting a cloud-scale identity fabric. IEEE Comput. 44(3), 52–59 (2011)

    Article  Google Scholar 

  2. Pashalidis, A., Mitchell, C.J.: A taxonomy of single sign-on systems. LNCS 2727, 249–264 (2003)

    Google Scholar 

  3. Shim, S.S.Y., Bhalla, G., Pendyala, V.: Federated UID management. IEEE Comput. 38(12), 120–122 (2005)

    Article  Google Scholar 

  4. Perlman, R,. Kaufman, C.: User-centric PKI. In: Proceedings of the 7th Symposium on Identity and Trust on the Internet, pp. 59–71, March 2008

    Google Scholar 

  5. Bellovin, S., Merritt, M.: Encrypted Key exchange: password-based protocols secure against dictionary attacks. In: Proceedings of IEEE Symposium on Research in Security and Privacy, pp. 72–84, May 1992

    Google Scholar 

  6. Steiner, M., Tsudik, G., Waidner, M.: Refinement and extension of encrypted key exchange. Oper. Syst. Rev. 29(3), 22–30 (1995)

    Article  Google Scholar 

  7. Jablon, D.: Strong password-only authenticated key exchange. Comp. Comm. Rev. 26(5), 5–26 (1996)

    Article  Google Scholar 

  8. Lucks, S.: Open key exchange: how to defeat dictionary attacks without encrypting public keys. LNCS 1361, 79–90 (1997)

    Google Scholar 

  9. Wu, T.: The secure remote password protocol. In: Proceedings of the 1998 Internet Society Network and Distributed System Security Symposium, pp. 97–111, March 1998

    Google Scholar 

  10. Perlman, R., Kaufman, C.: PDM: A new strong password-based protocol. In: Proceedings of the 10th Conference on USENIX Security Symposium, pp. 23–23, Aug 2001

    Google Scholar 

  11. Chandra, R., Mehrotra, S., Venkasubramanian, N.: Pvault: a client server system providing mobile access to personal data. In: Proceedings of the 2005 ACM Workshop on Storage Security and Survivability, pp. 123–129, 2005

    Google Scholar 

  12. Yee, K., Sitaker, K.: Passpet: convenient password management and phishing protection. In: Proceedings of the Second Symposium on Usable Privacy and Security, pp. 32–43, 2006

    Google Scholar 

  13. Lava Software Pty. Ltd.: Password Vault User Manual, 2007, http://www.lavasoftware.com/pv/contents.html

  14. Sxipper, http://www.sxipper.com/

  15. Shibboleth, http://shibboleth.internet2.edu/

  16. Harding, P., Johansson, L., Klingenstein, N.: Dynamic security assertion markup language: simplifying single sign-on. IEEE Secur. Priv. 6(2), 83–85 (2008)

    Google Scholar 

  17. OpenID libraries, http://wiki.openid.net/Libraries

  18. Bertocci, V., Serack, G., Baker, C.: Understanding windows cardspace: an introduction to the concepts and challenges of digital identities. Addison-Wesley, Amsterdam (2007)

    Google Scholar 

  19. OpenLiberty, http://openliberty.org/

  20. Lopes, C.: Hypergrid: architecture and protocol for virtual world interoperability. IEEE Internet Comput. 15(5), 22–29 (2011)

    Article  Google Scholar 

  21. Wang, R.C., Chang, Y.C., Chang, R.S.: A semantic service approach for ubiquitous computing. J. Intell. Manuf. 20(3), 327–335 (2009)

    Article  Google Scholar 

  22. Chaum, D.: Security without identification: transaction systems to make big brother obsolete. Commun. ACM 28(10), 1035–1044 (1985)

    Article  Google Scholar 

  23. Bellare, M., Kilian, J., Rogaway, P.: The security of the cipher block chaining message authentication code. J. Comput. Syst. Sci. 61(3), 362–399 (2000)

    Article  MathSciNet  MATH  Google Scholar 

  24. Vecchio, D.D., Humphrey, M., Basney, J., Nagaratnam, N.: CredEx: user-centric credential management for grid and web services. In: Proceedings of the IEEE International Conference on Service, pp. 149–156, 2005

    Google Scholar 

  25. Burr, W.E., Dodson, D.F., Polk, W.T.: Electronic authentication guideline, NIST Special Publication 800-63, April 2006

    Google Scholar 

  26. Sandhu, R.S.: Relational Database Access Controls, Handbook of Information Security Management, pp. 145–160, Auerbach Publishers, Philadelphia, 1994

    Google Scholar 

Download references

Acknowledgment

This work was partially supported by the National Science Council in Taiwan through Grant NSC 100-2221-E-143-002-.

Author information

Authors and Affiliations

  1. Department of Computer Science and Information Engineering, National Taitung University, No. 684, Sec. 1, Chunghua Rd, Taitung, Taiwan

    Reen-Cheng Wang

Authors
  1. Reen-Cheng Wang
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Reen-Cheng Wang .

Editor information

Editors and Affiliations

  1. SeoulTech, Computer Science and Engineering, Seoul University of Science & Technology, Gongreung 2-dong 172, Seoul, 139-742, Korea, Republic of (South Korea)

    James J. (Jong Hyuk) Park

  2. , Electrical and Computer Engineering, The University of British Columbia, Room 4013, Kaiser Building, Main Mall 2332, Vancouver, V6T 1Z4, British Columbia, Canada

    Victor C.M. Leung

  3. The University of Hong Kong, Hong Kong, 1, China, People's Republic

    Cho-Li Wang

  4. , Division of Information and Computer Eng, Ajou University, San 5, Suwon, Gyeonggido, 443-749, Korea, Republic of (South Korea)

    Taeshik Shon

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer Science+Business Media Dortdrecht

About this paper

Cite this paper

Wang, RC. (2012). User-Centric Identification Management for Cross Realm Cloud and Ubiquitous Computing. In: J. (Jong Hyuk) Park, J., Leung, V., Wang, CL., Shon, T. (eds) Future Information Technology, Application, and Service. Lecture Notes in Electrical Engineering, vol 164. Springer, Dordrecht. https://doi.org/10.1007/978-94-007-4516-2_37

Download citation

  • DOI: https://doi.org/10.1007/978-94-007-4516-2_37

  • Published:

  • Publisher Name: Springer, Dordrecht

  • Print ISBN: 978-94-007-4515-5

  • Online ISBN: 978-94-007-4516-2

  • eBook Packages: EngineeringEngineering (R0)

Publish with us

Policies and ethics

Search

Navigation