Visible to the public Privacy Token Technique for Protecting User’s Attributes in a Federated Identity Management System for the Cloud Environment

TitlePrivacy Token Technique for Protecting User’s Attributes in a Federated Identity Management System for the Cloud Environment
Publication TypeConference Paper
Year of Publication2019
AuthorsAbur, Maria M., Junaidu, Sahalu B., Obiniyi, Afolayan A., Abdullahi, Saleh E.
Conference Name2019 2nd International Conference of the IEEE Nigeria Computer Chapter (NigeriaComputConf)
Keywordsattributes privacy protection, authorisation, cloud, cloud computing, cloud environment, CloudAnalyst simulation, data protection, federated identity management system, Java, Java programming language, Metrics, personal identifiable information, privacy, privacy risks, Privacy Token, privacy token technique, pseudoattributes values, pseudonymous technique, pubcrawl, Resiliency, risk management, Scalability, service providers, Services and user’s privacy, SPs, user attributes protection, user privacy in the cloud
AbstractOnce an individual employs the use of the Internet for accessing information; carrying out transactions and sharing of data on the Cloud, they are connected to diverse computers on the network. As such, security of such transmitted data is most threatened and then potentially creating privacy risks of users on the federated identity management system in the Cloud. Usually, User's attributes or Personal Identifiable Information (PII) are needed to access Services on the Cloud from different Service Providers (SPs). Sometime these SPs may by themselves violate user's privacy by the reuse of user's attributes offered them for the release of services to the users without their consent and then carrying out activities that may appear malicious and then causing damage to the users. Similarly, it should be noted that sensitive user's attributes (e.g. first name, email, address and the likes) are received in their original form by needed SPs in plaintext. As a result of these problems, user's privacy is being violated. Since these SPs may reuse them or connive with other SPs to expose a user's identity in the cloud environment. This research is motivated to provide a protective and novel approach that shall no longer release original user's attributes to SPs but pseudonyms that shall prevent the SPs from violating user's privacy through connivance to expose the user's identity or other means. The paper introduces a conceptual framework for the proposed user's attributes privacy protection in a federated identity management system for the cloud. On the proposed system, the use of pseudonymous technique also called Privacy Token (PT) is employed. The pseudonymous technique ensures users' original attributes values are not sent directly to the SP but auto generated pseudo attributes values. The PT is composed of: Pseudo Attribute values, Timestamp and SPİD. These composition of the PT makes it difficult for the User's PII to be revealed and further preventing the SPs from being able to keep them or reuse them in the future without the user's consent for any purpose. Another important feature of the PT is its ability to forestall collusion among several collaborating service providers. This is due to the fact that each SP receives pseudo values that have no direct link to the identity of the user. The prototype was implemented with Java programming language and its performance tested on CloudAnalyst simulation.
Citation Keyabur_privacy_2019