Towards a Privacy Mechanism for Preventing Malicious Collusion of Multiple Service Providers (SPs) on the Cloud

Abur, Maria M. and Junaidu, Sahalu B. and Danjuma, Sani and Arlis, Syafri and Ritonga, Rajab and Herawan, Tutut (2018) Towards a Privacy Mechanism for Preventing Malicious Collusion of Multiple Service Providers (SPs) on the Cloud. In: Information Systems Design and Intelligent Applications. Springer, India, pp. 730-739. ISBN 978-981-10-7512-4

Official URL / DOI: http://doi.org/10.1007/978-981-10-7512-4_72

Abstract

Cloud computing is cyberspace computing, where systems, packages, data and other required services (such as appliances, development platforms, servers, storage and virtual desktops) are dispensed. It has generated a very significant interest in educational, industrial and business set-ups due to its many benefits. However, cloud computing is still in its early stage of development and is faced with many difficulties. Researchers have shown that security issues are the major concerns that have prevented the wide adoption of cloud computing. One of the security issues is privacy which is about securing the personal identifiable information (PII) or attributes of users on the cloud. Although researches for addressing privacy on the cloud exist (uApprove, uApprove.JP and Template Data Dissemination (TDD)), users’ PII remains susceptible as existing researches lack efficient control of user’s attribute of sensitive data on the cloud. Similarly, users are endangered to malicious service providers (SPs) that may connive to expose a user’s identity in a cloud scenario. This paper provides a mechanism to solve the malicious SP collusion problem and control the release of user’s attribute in the cloud environment. This will require the use of policies on the SPs, where SPs are only allowed to request for attributes that are needed only to process a user’s service at any point in time. This can be achieved using a combination of Kerberos ticket concept, encryption and timestamp on the attribute to be released to SPs from the identity provider (IdP), thereby helping to control attributes given to SPs for processing the release of services to users for one-time usage by the SPs and not kept for future use by them. Thus, replay attacks and blocking other SPs from accessing them are prevented. Hence, any malicious intention of assembling users’ attributes by other SPs to harm them is defeated.

Item Type: Book Section
Subjects: 0 Research > Computer Science > Computer Networks
Depositing User: Administrator
Date Deposited: 02 Mar 2022 08:47
Last Modified: 02 Mar 2022 08:47
URI: http://repository.upiyptk.ac.id/id/eprint/3708
