EIDM: A Ethereum-Based Cloud User Identity Management Protocol

Abstract

In cloud system, user identity authentication is a key problem. If design defects persist in a cloud user identity authentication scheme, direct risks of sensitive data loss and severe information breach will be incurred. At present, the main problem of cloud user identity management system is that it relies too much on third-party services. Although some third-party-detachment schemes have been proposed in recent years, most of them still rely heavily on cloud server-centered design system. In this paper, a cloud user identity management protocol based on ethereum blockchain was proposed, followed by an establishment of a simple credit management system framework. The new protocol is an improved version of CIDM (Consolidated Identity Management) referred to as EIDM (Ethrerum-based Identity Management) protocol. In the improved protocol, JWT (JSON Web Token) in OAuth 2.0 was used to introduce smart contracts into EIDM protocol, and the credit management system was added to the system so that it can provide a credible identity authentication protocol for cloud users and service providers. The new protocol solves the problem of over-reliance on third parties in the existing identity management system solutions. In the end, an analysis on the security of the new protocol showed that the EIDM protocol proposed in this paper presents more diversified security guarantees relative to the CIDM protocol. The performance evaluation results also indicated that the new protocol demonstrates better practicability and flexibility.