Abstract
Nowadays, we are moving quickly to a new Identity concept due to the cloud computing paradigm called Identity as a Service (IDaaS). However, the one Identity adoption for all services access does not bring only good news. Hackers are increasing more and more their attacks based Identity theft. This means that the security of Identity itself becomes a threat vector. Therefore, this paper focuses on the concept of using Virtual Identity ( $$V_{ID}$$ ) under the framework of IDaaS. This IDaaS is well known for Software as a Service (SaaS) cloud deployment model authentication. It can be delivered by a a third party Identity providers for the whole identity management approach including the creation process, the authentication mechanism and the identity privacy assurance level. Moreover, the proposed $$V_{ID}$$ mechanism for IDaaS framework is considered as a new realization for anonymous Single Sign On (SSO) in this distributed cloud services environments. Actually, we proposed the $$V_{ID}$$ creation framework using Elliptic Curve Cryptography (ECC). After we designed the two approaches either Identity Based Encryption (IBE) or Pseudonym Based Encryption (PBE), we implemented them by MIRACL security library. In order to judge on our solutions security measure, we used the (AVISPA) tool to assess the IBE and PBE protocols vulnerabilities. AVISPA: Automated Validation of Internet Security Protocols and Applications uses a group of applications to build and analyze the formal models of many known or designed security protocols. Through its language structure, we built our communication protocols in a descriptive way. The analysis of our $$V_{ID}$$ proposed approaches based on IBE and PBE using AVISPA back-ends indicated that both of them are safe (i.e. no attacks found). So, the $$V_{ID}$$ proposed approaches based on IBE and PBE are suitable and scalable enough to secure the anonymous communication in cloud services environment comparing to the state of the art solutions.
Sign-in/Register to access full text options 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a callDisclaimer: All third-party content on this website/platform is and will remain the property of their respective owners and is provided on "as is" basis without any warranties, express or implied. Use of third-party content does not indicate any affiliation, sponsorship with or endorsement by them. Any references to third-party content is to identify the corresponding services and shall be considered fair use under The CopyrightLaw.
