Show simple item record

dc.contributor.authorVo, THen
dc.contributor.authorFuhrmann, Wen
dc.contributor.authorFischer-Hellmann, K-Pen
dc.contributor.authorFurnell, Sen
dc.date.accessioned2019-05-16T09:29:48Z
dc.date.available2019-05-16T09:29:48Z
dc.date.issued2019-05-15en
dc.identifier.issn1999-5903en
dc.identifier.urihttp://hdl.handle.net/10026.1/14035
dc.description.abstract

<jats:p>In recent years, enterprise applications have begun to migrate from a local hosting to a cloud provider and may have established a business-to-business relationship with each other manually. Adaptation of existing applications requires substantial implementation changes in individual architectural components. On the other hand, users may store their Personal Identifiable Information (PII) in the cloud environment so that cloud services may access and use it on demand. Even if cloud services specify their privacy policies, we cannot guarantee that they follow their policies and will not (accidentally) transfer PII to another party. In this paper, we present Identity-as-a-Service (IDaaS) as a trusted Identity and Access Management with two requirements: Firstly, IDaaS adapts trust between cloud services on demand. We move the trust relationship and identity propagation out of the application implementation and model them as a security topology. When the business comes up with a new e-commerce scenario, IDaaS uses the security topology to adapt a platform-specific security infrastructure for the given business scenario at runtime. Secondly, we protect the confidentiality of PII in federated security domains. We propose our Purpose-based Encryption to protect the disclosure of PII from intermediary entities in a business transaction and from untrusted hosts. Our solution is compliant with the General Data Protection Regulation and involves the least user interaction to prevent identity theft via the human link. The implementation can be easily adapted to existing Identity Management systems, and the performance is fast.</jats:p>

en
dc.format.extent116 - 116en
dc.language.isoenen
dc.publisherMDPIen
dc.titleIdentity-as-a-Service: An Adaptive Security Infrastructure and Privacy-Preserving User Identity for the Cloud Environmenten
dc.typeJournal Article
plymouth.issue5en
plymouth.volume11en
plymouth.journalFuture Interneten
dc.identifier.doi10.3390/fi11050116en
plymouth.organisational-group/Plymouth
plymouth.organisational-group/Plymouth/Faculty of Science and Engineering
plymouth.organisational-group/Plymouth/REF 2021 Researchers by UoA
plymouth.organisational-group/Plymouth/REF 2021 Researchers by UoA/UoA11 Computer Science and Informatics
plymouth.organisational-group/Plymouth/Users by role
plymouth.organisational-group/Plymouth/Users by role/Academics
dcterms.dateAccepted2019-05-08en
dc.rights.embargodate2019-12-07en
dc.identifier.eissn1999-5903en
dc.rights.embargoperiodNot knownen
rioxxterms.versionofrecord10.3390/fi11050116en
rioxxterms.licenseref.urihttp://www.rioxx.net/licenses/all-rights-reserveden
rioxxterms.licenseref.startdate2019-05-15en
rioxxterms.typeJournal Article/Reviewen


Files in this item

Thumbnail
Thumbnail

This item appears in the following Collection(s)

Show simple item record


All items in PEARL are protected by copyright law.
Author manuscripts deposited to comply with open access mandates are made available in accordance with publisher policies. Please cite only the published version using the details provided on the item record or document. In the absence of an open licence (e.g. Creative Commons), permissions for further reuse of content should be sought from the publisher or author.
Theme by 
@mire NV