Document Type : Research Paper

Authors

1 LJMU-School of Comp. & Math.Liverpool, UK

2 University of Anbar - College of Computer

10.37652/juaps.2012.63234

Abstract

Cloud computing is new technology that provides cheaper, easier, and more powerful processes to customers over internet. The cloud service provider (CSP) provides virtualized resources on Internet instead of using software or storage on a local computer. The economic benefits are the main reason for using cloud computing. Cloud computing dynamically delivers everything as a service (XaaS) over the internet based on user demand, such as network, operating system, storage, hardware, software, and resources. Thus, many security and privacy issues must be taken into consideration. The services of cloud computing are usually classified into three types: Infrastructure as a Service (IaaS), Platform as a Service (PaaS) and Software as a Service (SaaS). This paper aims to achieve two main goals. The first is to review the field of cloud computing with an emphasis on the identity and access management (IAM) in the cloud. Secondly, we will report on our ongoing work for developing a novel system for IAM based on the techniques of Identity-Based Cryptography (IBC) security mediated cryptography. The proposed system architecture will be outlined along with some of the major operational steps.

Keywords

Main Subjects

[1]     Peter Mell and Timothy Grance, "The NIST definition of cloud computing,” Recommendations of National Institute of Standards and Technology, National Institute of Standards and Technology Special Publication 800-145,  September 2011.
[2]     Rajkumar Buyya, Chee Shin Yeo, and Srikumar Venugopal, ”Market-Oriented Cloud Computing: Vision, Hype, and Reality for Delivering IT Services as Computing Utilities, ”  The 10th IEEE International Conference on High Performance Computing and Communications, 2008.
[3]     Liang Yan, Chunming Rong, and Gansen Zhao, ”Strengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography,” M.G. Jaatun, G. Zhao, and C. Rong (Eds.): CloudCom 2009, LNCS 5931, pp. 167–177, 2009, Springer-Verlag Berlin Heidelberg 2009, pp.167-169.
[4]     Kungliga Tekniska Högskolan, "Exploring the limits of cloud computing,” Masters Thesis, Stockholm, Sweden , October 4, 2010, pp.7-20.
[5]     Noemi Antedomenico, ”Optimizing security of cloud computing within the DoD,” Thesis, NAVAL POSTGRADUATE SCHOOL, MONTEREY, CALIFORNIA, December 2010. Approved for public release.
[6]     Saurabh Kumar and  Rajkumar Buyya, Green Cloud Computing and Environmental Sustainability, Harnessing Green IT: Principles and Practices, S. Murugesan and G. Gangadharan (eds), Wiley Press, UK, 2011 (in press, accepted on April 2, 2011), pp. 4-8.
[7]     Shuai Zhang, Shufen Zhang, Xuebin Chen and Xiuzhen Huo, ”Cloud Computing Research and Development Trend,” IEEE, Second International Conference on Future Networks, 2010.
[8]     Rajarshi Chakraborty, Srilakshmi Ramireddy, T.S. Raghu and H. Raghav Rao, ”The Information Assurance Practices of Cloud Computing Vendors”,  presented at IT Professional, 2010, pp.29-37 , Artical published by the IEEE computer society, pp.29-30.
[9]     Eystein Mathisen, ”Security Challenges and Solutions in Cloud Computing”, 5th IEEE International Conference on Digital Ecosystems and Technologies (IEEE DEST 2011), 31 May -3 June 2011, Daejeon, Korea.
[10] Cloud Security Alliance, ”Security Guidance for Critical Areas of Focus In Cloud Computing”, V2.1, Article, December 2009, http://www.cloudsecurityalliance.org/guidance/csaguide.v2.1.pdf, pp.16-68.
[11] S. Ramgovind, M. Eloff, and E. Smith, ”The Management of Security in Cloud Computing”, Information Security for South Africa, IEEE, 2010.
[12] United States Government Accountability Office, Report to Congressional Requesters, GAO, ”INFORMATION SECURITY Federal Guidance Needed to Address Control Issues with Implementing Cloud Computing”, Articale, May 2010, pp.12-14.
[13] Jianfeng Yang and Zhibin Chen, ”Cloud Computing Research and Security Issues”, Journal: 2010 International Conference on Computational Intelligence and Software Engineering Year: 2010 Pages: 1-3 Provider: IEEE Publisher.
[14] Sameera Abdulrahman Almulla and Chan Yeob Yeun, ”Cloud Computing Security Management”, Engineering Systems Management and Its Applications (ICESMA), 2010 Second International Conference on Issue Date: March 30 2010-April 1 2010 , pp 1 - 7, Sharjah, pp.2-5.
[15] Ngongang guy mollet , ”Cloud computing security”, Thesis, Helsinki Metropolia University of Applied Sciences, April 11, 2011.
[16] Dirk C. Aumueller, ”IT-Compliance Analysis for Cloud Computing”, Thesis, University of Applied Sciences Darmstadt, 16 August 2010.
[17] Cyber security operations centre, ”Cloud Computing Security Considerations”, Initial Guidance, Australian government, depertment of defence, 12 April 2011.
[18] Manny Siddiqui, ”Cloud Computing Security”, Paper Blog, INFO 661, Spring 2011.
[19] Guido Kok, ”Cloud Computing and confidentiality”, Thises, Univirsity of Twente, May2010.
[20] Amit Sangroya, Saurabh Kumar, Jaideep Dhok, and Vasudeva Varma, ”Towards Analyzing Data Security Risks in Cloud Computing Environments”, S.K. Prasad et al. (Eds.): ICISTM 2010, CCIS 54, pp. 255–265, 2010.
[21] Wayne Jansen and Timothy Grance, ”Guidelines on Security and Privacy in Public Cloud Computing”, National Institute of Standards and Technology Draft Special Publication 800-144, January 2011.
[22] Krešimir Popović and Željko Hocenski, ”Cloud computing security issues and challenges”, IEEE, MIPRO 2010, May 24-28, 2010, Opatija, Croatia.
[23] V.KRISHNA REDDY and Dr. L.S.S.REDDY, ”Security Architecture of Cloud Computing”, V.Krishna Reddy et al. / International Journal of Engineering Science and Technology (IJEST), Vol. 3 No. 9 September 2011, pp.7151-7152.
[24] J. Tony Goulding, ”Identity and access management for the cloud: CA’s strategy and vision”, White Paper, CA Technologies, May 2010, pp.3-13.
[25] Steffen Schreiner, ”The Impact of Linux Superuser Privileges on System and Data Security within a Cloud Computing Storage Architecture” , Thesis, Technische Universität Darmstadt, April 2009.
[26] Frank John Krautheim, ”Building trust into utility cloud computing”, Dissertation, Faculty of the Graduate School of the University of Maryland, Baltimore County, 2010.
[27] Bob Blakley, ”Symplified the cloud security company”, Burton Group, Services data sheet, 2010, PP.1-7.