论文信息 - An Intrusion Tolerant Identity Management Infrastructure for Cloud Computing Services

An Intrusion Tolerant Identity Management Infrastructure for Cloud Computing Services

Identity management is a central point to the security of large applications such cloud services. The identity providers (IdPs) offer services that handle critical information of users. Usually, this kind of information is stored with special care in these providers and intrusions do not necessarily result in security violations. But intrusions may implant malicious behaviors which modify the action of these authentication services. In this way, unauthorized accesses may be achieved for denying accesses to legitimate users of the system. In this paper we introduce an approach for intrusion tolerance to ensure the correct behavior in authentication of large systems, even in presence of possible intrusions.

Joni da Silva Fraga | Frank Siqueira | Eduardo Feitosa | Luciano Barreto

[1] Miguel Castro,et al. Practical byzantine fault tolerance and proactive recovery , 2002, TOCS.

[2] Ray A. Perlner,et al. Electronic Authentication Guideline , 2014 .

[3] Arun Venkataramani,et al. ZZ and the art of practical BFT execution , 2011, EuroSys '11.

[4] Ramakrishna Kotla,et al. Zyzzyva , 2007, SOSP.

[5] Joni da Silva Fraga,et al. An Infrastructure Based in Virtualization for Intrusion Tolerant Services , 2012, 2012 IEEE 19th International Conference on Web Services.

[6] Audun Jøsang,et al. Trust Requirements in Identity Management , 2005, ACSW.

[7] Carlos Becker Westphall,et al. Multi-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth , 2012, ICON 2012.

[8] Jens Jensen,et al. The CONTRAIL Approach to Cloud Federations , 2012 .

[9] Fred B. Schneider,et al. Implementing fault-tolerant services using the state machine approach: a tutorial , 1990, CSUR.