An Approach to Identity Management in Clouds without Trusted Third Parties
This addresses privacy and security issues for cloud users by providing a robust, efficient solution without relying on trusted entities, though it appears incremental as it builds on existing cryptographic techniques.
The paper tackles identity management in cloud computing by proposing a scheme that eliminates the need for trusted third parties, combining RSA distributed key generation and attribute-based encryption to achieve features like single sign-on and credential revocation.
The management of sensitive data, including identity management (IDM), is an important problem in cloud computing, fundamental for authentication and fine-grained service access control. Our goal is creating an efficient and robust IDM solution that addresses critical issues in cloud computing. The proposed IDM scheme does not rely on trusted third parties (TTPs) or trusted dealers. The scheme is a multiparty interactive solution that combines RSA distributed key generation and attribute-based encryption. We believe that it will be a robust IDM privacy-preserving solution in cloud computing, because it has the following features: (i) protects sensitive data on untrusted hosts using active bundle; (ii) supports the minimum disclosure property; (iii) minimizes authentication overhead by providing single sign-on; (iv) supports authentication with encrypted credentials; (v) avoids using trusted third parties (TTPs_, incl. using TTPs for key management; (vi) supports revocation and delegation of access right; and (vii) supports revocation of user credentials. The scheme should also be efficient because it exploits parallelism.