身份即服务中保护隐私的用户身份

2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN) Pub Date : 2018-02-01 DOI:10.1109/ICIN.2018.8401613

T. H. Vo, W. Fuhrmann, K. Fischer-Hellmann

{"title":"身份即服务中保护隐私的用户身份","authors":"T. H. Vo, W. Fuhrmann, K. Fischer-Hellmann","doi":"10.1109/ICIN.2018.8401613","DOIUrl":null,"url":null,"abstract":"In Federated Identity Management, providers from different security domains exchange messages containing authentication and authorisation credentials of users. As a result, a user can use his Personal Identifiable Information (PII) from one or more Identity Providers to gain access to other sites. Disseminating PII over intermediaries also requires protecting PII from being misused and unauthorised access. Identity-as-a- Service (IDaaS) provides a federated identity for users to access multiple Cloud services on demand but may preserve user privacy. In this paper, we present a novel approach for preserving privacy in IDaaS by combining Purpose Based Access Control and Attribute-based Encryption with multi-authorities support. Our approach is suitable for sharing sensitive user information in a large distributed and heterogeneous environment.","PeriodicalId":103076,"journal":{"name":"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)","volume":"32 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2018-02-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"6","resultStr":"{\"title\":\"Privacy-preserving user identity in Identity-as-a-Service\",\"authors\":\"T. H. Vo, W. Fuhrmann, K. Fischer-Hellmann\",\"doi\":\"10.1109/ICIN.2018.8401613\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"In Federated Identity Management, providers from different security domains exchange messages containing authentication and authorisation credentials of users. As a result, a user can use his Personal Identifiable Information (PII) from one or more Identity Providers to gain access to other sites. Disseminating PII over intermediaries also requires protecting PII from being misused and unauthorised access. Identity-as-a- Service (IDaaS) provides a federated identity for users to access multiple Cloud services on demand but may preserve user privacy. In this paper, we present a novel approach for preserving privacy in IDaaS by combining Purpose Based Access Control and Attribute-based Encryption with multi-authorities support. Our approach is suitable for sharing sensitive user information in a large distributed and heterogeneous environment.\",\"PeriodicalId\":103076,\"journal\":{\"name\":\"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)\",\"volume\":\"32 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2018-02-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"6\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICIN.2018.8401613\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICIN.2018.8401613","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 6

摘要

在Federated Identity Management中，来自不同安全域的提供者交换包含用户身份验证和授权凭证的消息。因此，用户可以使用来自一个或多个身份提供者的个人可识别信息(PII)来访问其他站点。在中介体上传播PII还需要保护PII免遭滥用和未经授权的访问。身份即服务(IDaaS)为用户提供了一个联邦身份，以便按需访问多个云服务，但可能会保护用户隐私。在本文中，我们提出了一种在IDaaS中保护隐私的新方法，该方法将基于目的的访问控制和基于属性的加密与多授权支持相结合。该方法适用于在大型分布式异构环境中共享敏感用户信息。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

Privacy-preserving user identity in Identity-as-a-Service

In Federated Identity Management, providers from different security domains exchange messages containing authentication and authorisation credentials of users. As a result, a user can use his Personal Identifiable Information (PII) from one or more Identity Providers to gain access to other sites. Disseminating PII over intermediaries also requires protecting PII from being misused and unauthorised access. Identity-as-a- Service (IDaaS) provides a federated identity for users to access multiple Cloud services on demand but may preserve user privacy. In this paper, we present a novel approach for preserving privacy in IDaaS by combining Purpose Based Access Control and Attribute-based Encryption with multi-authorities support. Our approach is suitable for sharing sensitive user information in a large distributed and heterogeneous environment.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2018 21st Conference on Innovation in Clouds, Internet and Networks and Workshops (ICIN)

自引率

0.00%

发文量