An identity-based security infrastructure for Cloud environments

This paper presents a novel security infrastructure for deploying and using service-oriented Cloud applications securely without having to face the complexity associated with certificate management. The proposal is based on an identity-based cryptographic approach that offers an independent setup of security domains and does not require a trust hierarchy compared to other identity-based cryptographic systems. The service URLs can be used as public keys, such that creating a secure connection to a service is very simple. A comparison between traditional approaches and identity-based cryptography with respect to data transfer requirements is presented.

[1]  Matthew K. Franklin,et al.  Identity-Based Encryption from the Weil Pairing , 2001, CRYPTO.

[2]  Matthew J. B. Robshaw,et al.  A Dynamic Key Infrastructure for Grid , 2005, EGC.

[3]  Hugo Krawczyk,et al.  Okamoto-Tanaka Revisited: Fully Authenticated Diffie-Hellman with Minimal Overhead , 2010, ACNS.

[4]  Liqun Chen,et al.  User-Friendly Grid Security Architecture and Protocols , 2005, Security Protocols Workshop.

[5]  Bernd Freisleben,et al.  Composition and Execution of Secure Workflows in WSRF-Grids , 2008, 2008 Eighth IEEE International Symposium on Cluster Computing and the Grid (CCGRID).

[6]  Thomas Friese,et al.  Intra-engine service security for grids based on WSRF , 2005, CCGrid 2005. IEEE International Symposium on Cluster Computing and the Grid, 2005..

[7]  Bernd Freisleben,et al.  Secure on-demand grid computing , 2009, Future Gener. Comput. Syst..

[8]  Gregory A. Koenig,et al.  Security issues in on-demand grid and cluster computing , 2006, Sixth IEEE International Symposium on Cluster Computing and the Grid (CCGRID'06).

[9]  Ling Tian,et al.  Identity-Based Authentication for Cloud Computing , 2009, CloudCom.

[10]  Kenneth G. Paterson,et al.  What can identity-based cryptography offer to web services? , 2007, SWS '07.

[11]  Adi Shamir,et al.  Identity-Based Cryptosystems and Signature Schemes , 1984, CRYPTO.

[12]  Kenneth G. Paterson,et al.  Identity-based cryptography for grid security , 2005, First International Conference on e-Science and Grid Computing (e-Science'05).

[13]  Bernd Freisleben,et al.  An Identity-Based Key Agreement Protocol for the Network Layer , 2008, SCN.