An Updateable Token-Based Schema for Authentication and Access Management in Clouds

Tayyebe Emadinia, Faraz Fatemi Moghaddam, P. Wieder, Shirin Dabbaghi Varnosfaderani, R. Yahyapour
{"title":"An Updateable Token-Based Schema for Authentication and Access Management in Clouds","authors":"Tayyebe Emadinia, Faraz Fatemi Moghaddam, P. Wieder, Shirin Dabbaghi Varnosfaderani, R. Yahyapour","doi":"10.1109/FiCloud.2019.00015","DOIUrl":null,"url":null,"abstract":"Cloud computing is getting universally in production and hence, comprising more valuable information resources. Therefore, providing a secure infrastructure to exchange information is more vital and inevitable. Attackers are looking for a way to penetrate these systems and exploit various techniques, such as account hijack and denial of service attacks, to obtain the information or develop a disorder in the system. The creation of treat models helps to identify the vulnerabilities, prevent potential attacks, and consider appropriate mechanisms to mitigate them. One of these mechanisms is the access control list and the role-based access control list is one of its variants that defines some user groups and allocates resources to specific groups. Token-based authentication is another mechanism which helps to maintain security. When a user requests to access a resource, initially it must be authenticated by a username and represents a token. In this effort, by using the concept of role-based access control and JSON web token framework, a customized framework is proposed and implemented with a higher level of security in comparison to a standard JSON web token framework. Moreover, this proposal has the ability to update the status of access to resources in case of changing access policies by the policy engine.","PeriodicalId":268882,"journal":{"name":"2019 7th International Conference on Future Internet of Things and Cloud (FiCloud)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 7th International Conference on Future Internet of Things and Cloud (FiCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FiCloud.2019.00015","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
引用次数: 2

Abstract

Cloud computing is getting universally in production and hence, comprising more valuable information resources. Therefore, providing a secure infrastructure to exchange information is more vital and inevitable. Attackers are looking for a way to penetrate these systems and exploit various techniques, such as account hijack and denial of service attacks, to obtain the information or develop a disorder in the system. The creation of treat models helps to identify the vulnerabilities, prevent potential attacks, and consider appropriate mechanisms to mitigate them. One of these mechanisms is the access control list and the role-based access control list is one of its variants that defines some user groups and allocates resources to specific groups. Token-based authentication is another mechanism which helps to maintain security. When a user requests to access a resource, initially it must be authenticated by a username and represents a token. In this effort, by using the concept of role-based access control and JSON web token framework, a customized framework is proposed and implemented with a higher level of security in comparison to a standard JSON web token framework. Moreover, this proposal has the ability to update the status of access to resources in case of changing access policies by the policy engine.
一种可更新的基于令牌的云认证和访问管理模式
云计算在生产中越来越普遍,因此包含了更多有价值的信息资源。因此,提供一个安全的基础设施来交换信息是更加重要和不可避免的。攻击者正在寻找一种方法来渗透这些系统,并利用各种技术,如帐户劫持和拒绝服务攻击,以获取信息或在系统中制造混乱。治疗模型的创建有助于识别漏洞,防止潜在的攻击,并考虑适当的机制来减轻它们。其中一种机制是访问控制列表,基于角色的访问控制列表是其变体之一,它定义了一些用户组并将资源分配给特定组。基于令牌的身份验证是另一种有助于维护安全性的机制。当用户请求访问资源时,最初必须通过用户名进行身份验证,并表示令牌。在这项工作中,通过使用基于角色的访问控制和JSON web令牌框架的概念,提出并实现了一个与标准JSON web令牌框架相比具有更高安全级别的定制框架。此外,在策略引擎更改访问策略时,该建议具有更新资源访问状态的能力。
本文章由计算机程序翻译,如有差异,请以英文原文为准。
求助全文
约1分钟内获得全文 求助全文
来源期刊
自引率
0.00%
发文量
0
×
引用
GB/T 7714-2015
复制
MLA
复制
APA
复制
导出至
BibTeX EndNote RefMan NoteFirst NoteExpress
×
提示
您的信息不完整,为了账户安全,请先补充。
现在去补充
×
提示
您因"违规操作"
具体请查看互助需知
我知道了
×
提示
确定
请完成安全验证×
copy
已复制链接
快去分享给好友吧!
我知道了
右上角分享
点击右上角分享
0
联系我们:info@booksci.cn Book学术提供免费学术资源搜索服务,方便国内外学者检索中英文文献。致力于提供最便捷和优质的服务体验。 Copyright © 2023 布克学术 All rights reserved.
京ICP备2023020795号-1
ghs 京公网安备 11010802042870号
Book学术文献互助
Book学术文献互助群
群 号:481959085
Book学术官方微信