Design and Application of NFC-Based Identity and Access Management in Cloud Services

In response to a changing world and the fast growth of the Internet, more and more enterprises are replacing web-based services with cloud-based ones. Multi-tenancy technology is becoming more important, especially with Software as a Service (SaaS). This in turn leads to a greater focus on the application of Identity and Access Management (IAM). Conventional Near-Field Communication (NFC) based verification relies on a computer browser and a card reader to access an NFC tag. This type of verification does not support mobile device login or user-based access management functions. This study designs an NFC-based third-party cloud identity and access management scheme (NFC-IAM) that addresses this shortcoming. Data from simulation tests analyzed with Key Performance Indicators (KPIs) suggest that NFC-IAM not only takes less time for identity identification but also cuts the time for two-factor authentication by 80% and improves verification accuracy to 99.9% or better. In functional performance analyses, NFC-IAM performed better in scalability and portability. The NFC-IAM App (Application Software) and back-end system, to be developed and deployed on mobile devices, are to support IAM features and also offer users a more user-friendly experience and stronger security protection. In the future, NFC-IAM can be applied to different environments, including identification for mobile payment systems and permission management for remote equipment monitoring, among other applications.

Keywords—Cloud service, multi-tenancy, NFC, IAM, mobile device.
