Summary: | Master's === Chang Gung University === Department of Information Management === 101 === We propose a federated identity management scheme for cloud computing in which cloud service providers form an alliance by agreement, so that users can use the services of every provider in it. A third-party cloud trust center is in charge of maintaining and managing the alliance. We also provide mutual authentication, so that users and providers can verify the legitimacy of each other's identity. In addition, because users' personal data is stored with different providers, it is hard to guarantee that the data will not be disclosed or stolen.
The thesis is based on CSA's cloud security guideline that users are anonymous in the cloud environment and that anonymity can decrease the disclosure of personal private data. To resolve disputes involving anonymous users, the issuer can trace a user's real identity. Our scheme has the following features. (1) Federated identity management, which lets users single sign-on to cloud services. (2) Mutual authentication, to verify the legitimacy of each other's identity. (3) Anonymity, which decreases the disclosure and theft of personal data because services are accessed anonymously. (4) Traceable anonymity: the issuer can trace a user's real identity. (5) Non-repudiation: an anonymous user cannot deny actions he performed. (6) Unforgeability: even if the providers know the users' private key, they cannot forge the users' identity.
|