Abstract
Abstract Purpose Cloud computing systems represent one of the most complex computing systems currently in existence. Current applications of Cloud involve extensive use of distributed systems with varying degree of connectivity and usage. With a recent focus on large-scale proliferation of Cloud computing, identity management in Cloud based systems is a critical issue for the sustainability of any Cloud-based service. This area has also received considerable attention from the research community as well as the IT industry. Numerous Cloud Identity Management Systems (IDMSs) have been proposed so far; however, most of those systems are neither widely accepted nor considered highly reliable due to their constraints in terms of scope, applicability and security. In order to achieve reliability and effectiveness in IDMs for Cloud, further extensive research needs to be carried out to critically examine Cloud based IDMSs and their level of security. Methods In this work, we have holistically analyzed Cloud IDMSs to better understand the general as well as the security aspects of this domain. From the security perspective, we present a comprehensive list of attacks that occur frequently in Cloud based IDMSs. In order to alleviate those attacks, we present a well-organized taxonomy tree covering the most desired features essential for any Cloud-based IDMSs. Additionally, we have specified various mechanisms of realization (such as access control polices, encryption, self-service) against each of the features of Cloud IDMSs. We have further used the proposed taxonomy as an assessment criterion for the evaluation of Cloud based IDMSs. Results Our in-depth analysis of various Cloud based IDMSs reveals that most of the systems do not offer support to all the essential features of Cloud IDMS and the ones that do, have their own certain weaknesses. None of the discussed techniques heuristically covers all the security features; moreover, they lack compliance to international standards which, understandably, undermines their credibility. Conclusion Presented work will help Cloud subscribers and providers in understanding the available solutions as well as the involved risks, allowing them to make more knowledgeable decisions while selecting potential Cloud IDMSs that best suits their functional and security requirements.
Highlights
Cloud computing has emerged as a relatively new and influential paradigm for managing and delivering internet-based services and is considered to be an evolution of grid computing, which itself is based on traditional distributed system concepts (Youseff et al 2008)
This paper presents a holistic view of identity management domain: a brief introduction about the evolution of Identity Management Systems (IDMSs) followed by identity lifecycle management, categories of IDMSs, list of attacks that can be launched against an IDMS, features pertaining to the security of IDMSs in the form of well-informed taxonomy etc
We have contributed in this regard, by presenting a research work that holistically covers the domain of Cloud IDMSs
Summary
Cloud computing has emerged as a relatively new and influential paradigm for managing and delivering internet-based services and is considered to be an evolution of grid computing, which itself is based on traditional distributed system concepts (Youseff et al 2008). Google (PaaS), Amazon (PaaS and IaaS) and Salesforce (SaaS) are few examples of major Cloud Service Providers (CSP) that offer on-demand and low-cost services/applications to the Cloud Service Consumers (CSC). Another aspect of the Cloud systems is complexity. What is a problem here is the fact that unlike the brain, where the connecting neurons are already authenticated, cloud systems require extensive authentication as well as identity management systems Still, these are not enough to cater for the ever-growing requirements of novel paradigms such as the Internet of Things (IoT) in relation to its connectivity with the cloud
Sign-in/Register to view highlights & summary Sign-in/Register to access full text options 
Free) 
Talk to us
Join us for a 30 min session where you can share your feedback and ask us any queries you have
Schedule a call
