Safiriyu Eludiora, Olatunde Abiona, Ayodeji Oluwatope, Adeniran Oluwaranti, Clement Onime, Lawrence Kehinde
.
DOI: 10.4236/ijcns.2011.43019   PDF    HTML     9,457 Downloads   19,189 Views   Citations

Abstract

Cloud computing paradigm is a service oriented system that delivers services to the customer at low cost. Cloud computing needs to address three main security issues: confidentiality, integrity and availability. In this paper, we propose user identity management protocol for cloud computing customers and cloud service providers. This protocol will authenticate and authorize customers/providers in other to achieve global security networks. The protocol will be developed to achieve the set global security objectives in cloud computing environments. Confidentiality, integrity and availability are the key challenges of web services’ or utility providers. A layered protocol design is proposed for cloud computing systems, the physical, networks and application layer. However, each layer will integrate existing security features such as firewalls, NIDS, NIPS, Anti-DDOS and others to prevent security threats and attacks. System vulnerability is critical to the cloud computing facilities; the proposed protocol will address this as part of measures to secure data at all levels. The protocol will protect customers/cloud service providers’ infrastructure by preventing unauthorized users to gain access to the service/facility.

Keywords

Cloud Computing, Confidentiality, Integrity, Availability, Identity Management, Authentication

Share and Cite:

Conflicts of Interest

The authors declare no conflicts of interest.

References

[1]	D. Chappell, “A Short Introduction to Cloud Platforms an Enterprise—Oriented View,” Chappell and Associates, San Francisco, 2008, pp. 1-13.
[2]	T. B. Winans and J. S. Brown, “Cloud Computing: A Collection of Working Papers,” Deloitte Consulting LLP, New York, pp. 1-27.
[3]	Stratus Technologies, “Server Virtualization and Cloud Computing: Four Hidden Impacts on Uptime and Availability,” A White Paper by Stratus Technologies, June 2009.
[4]	Oracle, “Architectural Strategies for Cloud Computing,” An Oracle White Paper in Enterprise Architecture, August 2009.
[5]	G. Boss, P. Malladi, D. Quan, L. Legregni and H. Hall, “Cloud Computing,” IBM Corporation, New York, August 2007.
[6]	NIST, January 2010. http://www.nist.gov/
[7]	P. Mell and T. Grance, “Effectively and Securely: Using the Cloud Computing Paradigm,” NIST, Information Te- chnology Laboratory, Boulder, December 2009.
[8]	The European Network and Information Security Agency (ENISA), “Cloud Computing: Benefits, Risks and Recommendations for Information Security,” November 2009. http://www.enisa.europa.eu/
[9]	Juniper Networks, “Implementation Identity Federation in a Hybrid Cloud Computing Environment Solution Guide,” October 2009.
[10]	FISMA, January 2010. http://csrc.nist.gov/drivers/documents/FISMA-final.pdf
[11]	http://csrc.nist.gov/drivers/documents/FISMA-final.pdf
[12]	P. Bryden, D. C. Kirkpatrick and F. Moghadami, “Security Authorization: An Approach for Community Cloud Computing Environments,” White Paper, November 2009.
[13]	Gartner, “Assessing the Security Risks of Cloud Computing,” 2009. http://www.gartner.com/DisplayDocument?id=685308
[14]	S. So, “Cloud Computing and Information Security,” Info-Security Project, No. 3, May 2009.
[15]	G. Treu, F. Fuchs and C. Dargatz, “Implicit Authorization for Social Location Disclosure,” Journal of Software, Vol. 3, No. 1, 2008, pp. 18-26.
[16]	M. E. Whiteman and H. J. Mattord, “Principles of Information Security,” 2nd Edition, Thomson Course Technology, Massachusetts, 2005.
[17]	P. Venkataram and B. S. Babu, “An Authentication Sche- me for Ubiquitous Commerce: A Cognitive Agents Based Approach,” Proceedings of IEEE Workshops on Network Operations and Management Symposium Workshops, Salvador da Bahia, 7-11 April 2008, pp. 248-256.
[18]	A. Gopalakrishnan, “Cloud Computing Identity Manage- ment,” SETLabs Briefings, Vol. 7, No. 7, 2009, pp. 45- 54.