Digital Identity Management in Cloud

Vladimir Vujin (University of Belgrade, Serbia), Konstantin Simić (University of Belgrade, Serbia) and Borko Kovačević (Microsoft, Serbia)
Copyright: © 2015 | Pages: 26
DOI: 10.4018/978-1-4666-6539-2.ch076


Existing approaches to managing digital identities within e-learning ecosystems require defining separate access parameters for each service or application. This both weakens system security and leads to low uptake of the services by end-users. This chapter investigates various approaches to identity management, particularly in a cloud computing environment. Several complex issues are discussed, such as cross-domain authentication, provisioning, multi-tenancy, delegation, and security. The main goal of the research is to provide highly effective, scalable identity management for end-users in an educational private cloud. A federated identity concept was introduced as a solution that enables organizations to implement secure identity management and to share information on the identities of users in the cloud environment. As a proof of concept, the identity management system was implemented in the e-learning system of the Faculty of Organizational Sciences, University of Belgrade.
The growing complexity of modern educational ecosystems requires new approaches to access control (Dong, Zheng, Yang, Haifei, & Qiao, 2009). Cloud computing environments are multi-domain environments in which each domain can have different security, privacy, and trust requirements and potentially employ different mechanisms, interfaces, and semantics. Such domains could represent individually enabled services or other infrastructural or application components (Takabi, Joshi, & Ahn, 2010). Providing a seamless user experience across cloud-based services, the social Web, and rapidly expanding mobile platforms will depend on identity management.

Developing and operating applications in a cloud computing environment, whether private or public, requires defining and implementing an efficient strategy and tools for managing user identities. Identity Management (hereinafter: IDM) is a key issue for cloud privacy and security. IDM in an educational cloud is more complex than in traditional Web-based systems, since users hold multiple accounts with different educational services. The traditional model of application-centric access control, where each application keeps track of its own collection of users and manages them, is not acceptable in educational cloud-based architectures.

This chapter describes existing open standards: SAML 2.0 and OpenID for authentication, OAuth for delegated authorization, SCIM for user provisioning, and XACML for access control policy. These standards aim to solve the problems of maintaining interoperability and enabling straightforward identity management in a cloud environment. Several complex questions, such as cross-domain authentication, provisioning, multi-tenancy, delegation, and security, are discussed as well.
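To make the contrast between application-centric and federated identity concrete, the following is an added illustration; it is not code from the chapter or from the Faculty's e-learning system. One hypothetical identity provider (the issuer name and the service names are assumed) issues a signed assertion that binds subject, audience and expiry, and two hypothetical services accept it without keeping their own password stores. An HMAC over a constructed shared key stands in for the XML signatures that SAML 2.0 actually uses; the checks a relying service must make (signature, trusted issuer, audience pinning, expiry) are the same, and each of the refusal paths is exercised.

```python
import base64
import binascii
import hashlib
import hmac
import json
import time

# Constructed key for this illustration only. With SAML the IdP signs with a
# private key and each service verifies against the IdP's certificate; a
# shared HMAC secret keeps the example stand-alone.
IDP_KEY = b"constructed-idp-signing-key"
IDP_NAME = "https://idp.example.edu"  # hypothetical issuer identifier


def _b64(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def issue_assertion(key, issuer, subject, audience, attributes, ttl=300, now=None):
    """IdP side: bind subject, audience and expiry into one signed statement."""
    now = time.time() if now is None else now
    claims = {
        "iss": issuer,
        "sub": subject,
        "aud": audience,        # the one service this assertion is meant for
        "iat": int(now),
        "exp": int(now) + ttl,
        "attrs": attributes,    # attributes the IdP releases, e.g. roles
    }
    body = _b64(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(key, body.encode(), hashlib.sha256).digest()
    return body + "." + _b64(sig)


def verify_assertion(key, token, expected_issuer, expected_audience, now=None):
    """Service side: return the claims, or raise ValueError saying why not."""
    now = time.time() if now is None else now
    try:
        body, sig = token.split(".")
        sig_bytes = _unb64(sig)
    except (ValueError, binascii.Error):
        raise ValueError("malformed assertion")
    expected = hmac.new(key, body.encode(), hashlib.sha256).digest()
    # Verify the signature before interpreting anything inside the body.
    if not hmac.compare_digest(expected, sig_bytes):
        raise ValueError("bad signature")
    claims = json.loads(_unb64(body))
    if claims.get("iss") != expected_issuer:
        raise ValueError("untrusted issuer")
    # Audience pinning stops an assertion minted for one service from being
    # replayed against another service in the same federation.
    if claims.get("aud") != expected_audience:
        raise ValueError("audience mismatch")
    if now >= claims.get("exp", 0):
        raise ValueError("expired")
    return claims


class ServiceProvider:
    """A relying service: no local password store, only a trusted IdP."""

    def __init__(self, name, idp_key, idp_name, required_role):
        self.name = name
        self.idp_key = idp_key
        self.idp_name = idp_name
        self.required_role = required_role

    def access(self, token, now=None):
        try:
            claims = verify_assertion(self.idp_key, token, self.idp_name, self.name, now)
        except ValueError as exc:
            return ("deny", str(exc))
        # Authentication is federated; the authorization decision stays local.
        if self.required_role not in claims["attrs"].get("roles", []):
            return ("deny", "missing role " + self.required_role)
        return ("allow", claims["sub"])


if __name__ == "__main__":
    lms = ServiceProvider("lms.example.edu", IDP_KEY, IDP_NAME, "student")
    token = issue_assertion(IDP_KEY, IDP_NAME, "ana", "lms.example.edu",
                            {"roles": ["student"]})
    print(lms.access(token))
```

The same assertion is refused by a second service because its audience does not match, which is the property that lets one IdP serve many services without letting a token for one of them open another.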

The main goal of the research is to provide highly effective, scalable identity management for end-users in an educational private cloud. The research context of this chapter is the e-learning processes in the private cloud of the Laboratory for e-business at the Faculty of Organizational Sciences, University of Belgrade.

