Tayyebe Emadinia, Faraz Fatemi Moghaddam, P. Wieder, Shirin Dabbaghi Varnosfaderani, R. Yahyapour
{"title":"一种可更新的基于令牌的云认证和访问管理模式","authors":"Tayyebe Emadinia, Faraz Fatemi Moghaddam, P. Wieder, Shirin Dabbaghi Varnosfaderani, R. Yahyapour","doi":"10.1109/FiCloud.2019.00015","DOIUrl":null,"url":null,"abstract":"Cloud computing is getting universally in production and hence, comprising more valuable information resources. Therefore, providing a secure infrastructure to exchange information is more vital and inevitable. Attackers are looking for a way to penetrate these systems and exploit various techniques, such as account hijack and denial of service attacks, to obtain the information or develop a disorder in the system. The creation of treat models helps to identify the vulnerabilities, prevent potential attacks, and consider appropriate mechanisms to mitigate them. One of these mechanisms is the access control list and the role-based access control list is one of its variants that defines some user groups and allocates resources to specific groups. Token-based authentication is another mechanism which helps to maintain security. When a user requests to access a resource, initially it must be authenticated by a username and represents a token. In this effort, by using the concept of role-based access control and JSON web token framework, a customized framework is proposed and implemented with a higher level of security in comparison to a standard JSON web token framework. Moreover, this proposal has the ability to update the status of access to resources in case of changing access policies by the policy engine.","PeriodicalId":268882,"journal":{"name":"2019 7th International Conference on Future Internet of Things and Cloud (FiCloud)","volume":"53 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2019-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"2","resultStr":"{\"title\":\"An Updateable Token-Based Schema for Authentication and Access Management in Clouds\",\"authors\":\"Tayyebe Emadinia, Faraz Fatemi Moghaddam, P. Wieder, Shirin Dabbaghi Varnosfaderani, R. Yahyapour\",\"doi\":\"10.1109/FiCloud.2019.00015\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Cloud computing is getting universally in production and hence, comprising more valuable information resources. Therefore, providing a secure infrastructure to exchange information is more vital and inevitable. Attackers are looking for a way to penetrate these systems and exploit various techniques, such as account hijack and denial of service attacks, to obtain the information or develop a disorder in the system. The creation of treat models helps to identify the vulnerabilities, prevent potential attacks, and consider appropriate mechanisms to mitigate them. One of these mechanisms is the access control list and the role-based access control list is one of its variants that defines some user groups and allocates resources to specific groups. Token-based authentication is another mechanism which helps to maintain security. When a user requests to access a resource, initially it must be authenticated by a username and represents a token. In this effort, by using the concept of role-based access control and JSON web token framework, a customized framework is proposed and implemented with a higher level of security in comparison to a standard JSON web token framework. Moreover, this proposal has the ability to update the status of access to resources in case of changing access policies by the policy engine.\",\"PeriodicalId\":268882,\"journal\":{\"name\":\"2019 7th International Conference on Future Internet of Things and Cloud (FiCloud)\",\"volume\":\"53 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2019-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"2\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2019 7th International Conference on Future Internet of Things and Cloud (FiCloud)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/FiCloud.2019.00015\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2019 7th International Conference on Future Internet of Things and Cloud (FiCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FiCloud.2019.00015","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
An Updateable Token-Based Schema for Authentication and Access Management in Clouds
Cloud computing is getting universally in production and hence, comprising more valuable information resources. Therefore, providing a secure infrastructure to exchange information is more vital and inevitable. Attackers are looking for a way to penetrate these systems and exploit various techniques, such as account hijack and denial of service attacks, to obtain the information or develop a disorder in the system. The creation of treat models helps to identify the vulnerabilities, prevent potential attacks, and consider appropriate mechanisms to mitigate them. One of these mechanisms is the access control list and the role-based access control list is one of its variants that defines some user groups and allocates resources to specific groups. Token-based authentication is another mechanism which helps to maintain security. When a user requests to access a resource, initially it must be authenticated by a username and represents a token. In this effort, by using the concept of role-based access control and JSON web token framework, a customized framework is proposed and implemented with a higher level of security in comparison to a standard JSON web token framework. Moreover, this proposal has the ability to update the status of access to resources in case of changing access policies by the policy engine.