Presentation is loading. Please wait.

Presentation is loading. Please wait.

Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer.

Published byCory McDonald Modified over 8 years ago

Similar presentations

Presentation on theme: "Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer."— Presentation transcript:

1 Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer Science Purdue University, Western Michigan University {rranchal, bbshail}@purdue.edu, leszek.lilien@wmich.edu Mark Linderman mark.linderman@rl.af.mil Air Force Research Laboratory Rome, NY, USA This research was supported by AFRL Rome, USA and NGC

2 Outline Motivation Identity Management (IDM) Goals of Proposed User-Centric IDM Mechanisms Description of proposed solution Advantages of the Proposed Scheme Conclusion & Future Work References Questions?

3 Motivation User on Amazon Cloud Name E-mail Password Billing Address Shipping Address Credit Card Name E-mail Shipping Address Name Billing Address Credit Card Name E-mail Password Billing Address Shipping Address Credit Card Name E-mail Shipping Address

4 Motivation User on Amazon Cloud Name E-mail Password Billing Address Shipping Address Credit Card Name E-mail Shipping Address Name Billing Address Credit Card Name E-mail Password Billing Address Shipping Address Credit Card Name E-mail Shipping Address

5 Motivation The migration of web applications to Cloud computing platform has raised concerns about the privacy of sensitive data belonging to the consumers of cloud services. How can consumers verify that a service provider conform to the privacy laws and protect consumer’s digital identity. The username/password security token used by most service providers to authenticate consumers, leaves the consumer vulnerable to phishing attacks. The solution to address the above problems can be the use of an Identity Management (IDM) System. The solution should help the consumer in making a proactive choice about how and what personal information they disclose, control how their information can be used, cancel their subscription to the service, and monitor to verify that a service provider applies required privacy policies.

6 Identity Management (IDM) IDM in traditional application-centric IDM model ◦ Each service keeps track of identifying information of its users. Existing IDM Systems ◦ Microsoft Windows CardSpace [W. A. Alrodhan] ◦ OpenID [http://openid.net] ◦ PRIME [S. F. Hubner, Karlstad Univ] trusted third party These systems require a trusted third party and do not work on untrusted host. an untrusted host. If Trusted Third Party is compromised, all the identifying information of the users is also compromised leading to serious problems like Identity Theft. AT&T iPad leak [AT&T iPad leak ]

7 Identity Management (IDM) Microsoft Windows CardSpace Windows CardSpace is an Identity-metasystem which provides a way, for managing multiple digital identities of a user. It is claims based access platform/ architecture, developed for windows XP. It uses a plug-in for Internet explorer 7 browser. OpenID With OpenID a user uses one username and one password to access many web applications. The user authenticate to an OpenID server to get his/her OpenID token in order to authenticate itself to web applications. PRIME (Privacy and Identity Management for Europe) PRIME, is an application -the PRIME Console middleware running on a user’s machine, It handles management and disclosure of personal data for the user.

8 IDM in Cloud Computing Cloud introduces several issues to IDM ◦ Collusion between Cloud Services multiple accountsmultiple service providers.  Users have multiple accounts associated with multiple service providers. mapping of the identities to the user.  Sharing sensitive identity information between services can lead to undesirable mapping of the identities to the user. ◦ Lack of trust  Cloud hosts are untrusted  Use of Trusted Third Party is not an option ◦ Loss of control  Service-centric IDM Model IDM in Cloud needs to be user-centric

9 Goals of Proposed User-Centric IDM for the Cloud 1. Authenticate without disclosing identifying information 2. Ability to securely use a service while on an untrusted host (VM on the cloud) 3. Minimal disclosure and minimized risk of disclosure during communication between user and service provider (Man in the Middle, Side Channel and Correlation Attacks) 4. Independence of Trusted Third Party for identity information

10 Mechanisms in Proposed IDM Active Bundle [L. Othmane, R. Ranchal] Anonymous Identification [A. Shamir] Computing Predicates with encrypted data [E. Shi] Multi-Party Computing [A. Shamir] Selective Disclosure [B. Laurie]

11 Active Bundle Active bundle AB Active bundle (AB) protectingdatawithin – An encapsulating mechanism protecting data carried within it data – Includes data metadata – Includes metadata used for managing confidentiality Both privacy of data and privacy of the whole AB – Includes Virtual Machine (VM) operations performing a set of operations protecting confidentiality protecting its confidentiality Active Bundles—Operations Active Bundles—Operations – Self-Integrity check E.g., Uses a hash function – Evaporation/ Filtering Self-destroys (a part of) AB’s sensitive data when threatened with a disclosure – Apoptosis Self-destructs AB’s completely

12 Active Bundle Scheme – Metadata: Access control policies Data integrity checks Dissemination policies Life duration ID of a trust server ID of a security server App-dependent information … – Sensitive Data: Identity Information... – Virtual Machine (algorithm): Interprets metadata Checks active bundle integrity Enforces access and dissemination control policies … E(Name) E(E-mail) E(Password) E(Shipping Address) E(Billing Address) E(Credit Card) … * E( ) - Encrypted Information

13 Anonymous Identification User on Amazon Cloud 1.E-mail 2.Password 1.E-mail 2.Password User Request for service Function f and number k f k (E-mail, Password) = R ZKP Interactive Protocol Authenticated Use of Zero-knowledge proofing for user authentication without disclosing its identifier.

14 Interaction using Active Bundle Active Bundle (AB) Security Services Agent (SSA) Active Bundle Services User Application Active Bundle Coordinator Active Bundle Creator Directory Facilitator Active Bundle Destination Trust Evaluation Agent (TEA) Audit Services Agent (ASA) Active Bundle AB information disclosure

15 Predicate over Encrypted Data Verification without disclosing unencrypted identity data. E-mail Password E(Name) E(Shipping Address) E(Billing Address) E(Credit Card) E(Name) E(Billing Address) E(Credit Card) Predicate Request* *Age Verification Request *Credit Card Verification Request

16 Multi-Party Computing To become independent of a trusted third party Multiple Services hold shares of the secret key Minimize the risk E(Name) E(Billing Address) E(Credit Card) Key Management Services K’1K’1 K’2K’2 K’3K’3 K’nK’n Predicate Request * Decryption of information is handled by the Key Management services

17 Multi-Party Computing To become independent of a trusted third party Multiple Services hold shares of the secret key Minimize the risk Name Billing Address Credit Card Key Management Services K’1K’1 K’2K’2 K’3K’3 K’nK’n Predicate Reply* *Age Verified *Credit Card Verified

18 Selective Disclosure E-mail Password E(Name) E(Shipping Address) E(Billing Address) E(Credit Card) Selective disclosure* E-mail E(Name) E(Shipping Address) User Policies in the Active Bundle dictate dissemination *e-bay shares the encrypted information based on the user policy

19 Selective Disclosure E-mail E(Name) E(Shipping Address) Selective disclosure* E(Name) E(Shipping Address) *e-bay seller shares the encrypted information based on the user policy

20 Selective Disclosure E-mail E(Name) E(Shipping Address) Selective disclosure Name Shipping Address Decryption handled by Multi-Party Computing as in the previous slides

21 Selective Disclosure E-mail E(Name) E(Shipping Address) Selective disclosure Name Shipping Address Fed-Ex can now send the package to the user

22 Identity in the Cloud User on Amazon Cloud Name E-mail Password Billing Address Shipping Address Credit Card Name Shipping Address Name Billing Address Credit Card E-mail Password E-mail

23 Characteristics and Advantages Ability to use Identity data on untrusted hosts Self Integrity Check Integrity compromised- apoptosis or evaporation Data should not be on this host Establishes the trust of users in IDM ◦ Through putting the user in control of who has his data and how is is used ◦ Identity is being used in the process of authentication, negotiation, and data exchange. Independent of Third Party for Identity Information ◦ Minimizes correlation attacks Minimal disclosure to the SP ◦ SP receives only necessary information.

24 Conclusion & Future Work Problems with IDM in Cloud Computing ◦ Collusion of Identity Information ◦ Prohibited Untrusted Hosts ◦ Usage of Trusted Third Party Proposed Approaches ◦ IDM based on Anonymous Identification ◦ IDM based on Predicate over Encrypted data ◦ IDM based on Multi-Party Computing Future work ◦ Develop the prototype, conduct experiments and evaluate the approach

25 References [1] C. Sample and D. Kelley. Cloud Computing Security: Routing and DNS Threats, http://www.securitycurve.com/wordpress/, June 23,2009. [2] W. A. Alrodhan and C. J. Mitchell. Improving the Security of CardSpace, EURASIP Journal on Information Security Vol. 2009, doi:10.1155/2009/167216, 2009. [3] OPENID, http://openid.net/, 2010. [4] S. F. Hubner. HCI work in PRIME, https://www.prime-project.eu/, 2008. [5] A. Gopalakrishnan, Cloud Computing Identity Management, SETLabsBriefings, Vol7, http://www.infosys.com/research/, 2009. [6] A. Barth, A. Datta, J. Mitchell and H. Nissenbaum. Privacy and Contextual Integrity: Framework and Applications, Proc. of the 2006 IEEE Symposium on Security and Privacy, 184-198. [7] L. Othmane, Active Bundles for Protecting Confidentiality of Sensitive Data throughout Their Lifecycle, PhD Thesis, Western Michigan Univ, 2010. [8] A. Fiat and A. Shamir, How to prove yourself: Practical Solutions to Identification and Signature Problems, CRYPTO, 1986. [9] A. Shamir, How to Share a Secret, Communications of the ACM, 1979. [10] M. Ben-Or, S. Goldwasser and A. Wigderson, Completeness theorems for non- cryptographic fault-tolerant distributed computation, ACM Symposium on Theory of Computing, 1988. [11] E. Shi, Evaluating Predicates over Encrypted Data, PhD Thesis, CMU, 2008.

26 Thank you! Any question?

27 Approach - 1 IDM Wallet: ◦ Use of AB scheme to protect PII from untrusted hosts. Anonymous Identification: ◦ Use of Zero-knowledge proofing for authentication of an entity without disclosing its identifier.

28 Components of Active Bundle (Approach – 1) Identity data: Data used during authentication, getting service, using service (i.e. SSN, Date of Birth). Disclosure policy: A set of rules for choosing Identity data from a set of identities in IDM Wallet. Disclosure history: Used for logging and auditing purposes. Negotiation policy: This is Anonymous Identification, based on the Zero Knowledge Proofing. Virtual Machine: Code for protecting data on untrusted hosts. It enforces the disclosure policies.

29 Anonymous Identification (Approach – 1) Anonymous Identification (Shamir's approach for Credit Cards) IdP provides Encrypted Identity Information to the user and SP. SP and User interact Both run IdP's public function on the certain bits of the Encrypted data. Both exchange results and agree if it matches.

30 Usage Scenario (Approach – 1)

31 Approach - 2 Active Bundle scheme Active Bundle scheme to protect PII from untrusted hosts Predicates over encrypted data Predicates over encrypted data to authenticate without disclosing unencrypted identity data. Multi-party computing Multi-party computing to be independent of a trusted third party

32 Usage Scenario (Approach – 2) Owner O encrypts Identity Data(PII) using algorithm Encrypt and O’s public key PK. Encrypt outputs CT—the encrypted PII. SP transforms his request for PII to a predicate represented by function p. SP sends shares of p to the n parties who hold the shares of MSK. n parties execute together KeyGen using PK, MSK, and p, and return TKp to SP. SP calls the algorithm Query that takes as input PK, CT, TKp and produces p(PII) which is the evaluation of the predicate. The owner O is allowed to use the service only when the predicate evaluates to “true”.

33 Representation of identity information for negotiation  Token/Pseudonym  Identity Information in clear plain text  Active Bundle

34 Motivation: Authentication Process using PII Problem: Which information to disclose and how to disclose it.

Download ppt "Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.

Secure Naming structure and p2p application interaction IETF - PPSP WG July 2010 Christian Dannewitz, Teemu Rautio and Ove Strandberg.
Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.

Key distribution and certification In the case of public key encryption model the authenticity of the public key of each partner in the communication must.
User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology.

User-centric Handling of Identity Agent Compromise Daisuke Mashima Dr. Mustaque Ahamad Swagath Kannan College of Computing Georgia Institute of Technology.
Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.

Spring 2000CS 4611 Security Outline Encryption Algorithms Authentication Protocols Message Integrity Protocols Key Distribution Firewalls.
Privacy in Cloud Computing Through Identity Management Purdue University Bharat Bhargava, Noopur Singh U.S Airforce Asher Sinclair.

Privacy in Cloud Computing Through Identity Management Purdue University Bharat Bhargava, Noopur Singh U.S Airforce Asher Sinclair.
Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.

Lect. 18: Cryptographic Protocols. 2 1.Cryptographic Protocols 2.Special Signatures 3.Secret Sharing and Threshold Cryptography 4.Zero-knowledge Proofs.
Trustworthy Services from Untrustworthy Components: Overview Fred B. Schneider Department of Computer Science Cornell University Ithaca, New York 14853.

Trustworthy Services from Untrustworthy Components: Overview Fred B. Schneider Department of Computer Science Cornell University Ithaca, New York
Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.

Identity Management Based on P3P Authors: Oliver Berthold and Marit Kohntopp P3P = Platform for Privacy Preferences Project.
Grid Security. Typical Grid Scenario Users Resources.

Grid Security. Typical Grid Scenario Users Resources.
Trustworthy and Personalized Computing Christopher Strasburg Department of Computer Science Iowa State University November 12, 2008.

Trustworthy and Personalized Computing Christopher Strasburg Department of Computer Science Iowa State University November 12, 2008.
Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.

Cryptography and Authentication Lab ECE4112 Group4 Joel Davis Scott Allen Quinn.
Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer.

Privacy and Identity Management in Cloud Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh, Lotfi Ben Othmane, Leszek Lilien Department of Computer.
Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.

Mar 12, 2002Mårten Trolin1 This lecture Diffie-Hellman key agreement Authentication Certificates Certificate Authorities SSL/TLS.
Protection of Identity Information in Cloud Computing without Trusted Third Party 作者 :Rohit Ranchal, Bharat Bhargave, Lotfi Ben Othmane, Leszek Lilien,

Protection of Identity Information in Cloud Computing without Trusted Third Party 作者 :Rohit Ranchal, Bharat Bhargave, Lotfi Ben Othmane, Leszek Lilien,
This paper states that one of the major problem to the adoption of cloud computing is that of security.  Existing cloud computing problem or concerns.

This paper states that one of the major problem to the adoption of cloud computing is that of security.  Existing cloud computing problem or concerns.
Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.

Lecture III : Communication Security, Services & Mechanisms Internet Security: Principles & Practices John K. Zao, PhD SMIEEE National Chiao-Tung University.
Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.

Introduction to PKI Seminar What is PKI? Robert Brentrup July 13, 2004.
1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.

1 Trust and Privacy in Authorization Bharat Bhargava Yuhui Zhong Leszek Lilien CERIAS Security Center CWSA Wireless Center Department of CS and ECE Purdue.
FIT3105 Smart card based authentication and identity management Lecture 4.

FIT3105 Smart card based authentication and identity management Lecture 4.

Similar presentations

Ads by Google