Secure OpenID Authentication Model by Using Trusted Computing

Internet online services have grown rapidly in recent years. Each online service requires users to create a new account before they can use it. Because users typically need more than one service, they end up with numerous accounts, which must be managed in a secure and simple way to protect them against identity theft. Single sign-on (SSO) and OpenID have been used to reduce the complexity of managing the numerous accounts required in the Internet identity environment. Trusted Platform Module (TPM) and Trust Multitenancy are trusted computing-based technologies well suited to addressing security concerns in the Internet identity environment. Since trust is one of the pillars of security in the cloud, this paper analyzes the existing cloud identity techniques in order to investigate their strengths and weaknesses. It then proposes a model in which One Time Password (OTP), TPM, and OpenID are used together to provide a solution against phishing, a common form of identity theft in the cloud environment.
