Achieving Decentralized and Dynamic SSO-Identity Access Management System for Multi-Application Outsourced in Cloud

【Author】 Fugkeaw, Somchart

【Source】IEEE ACCESS

【影响因子】3.476

【Abstract】Existing Single Sign-On (SSO) access control systems typically rely on the traditional protocols requiring additional authentication mechanism and/or identity providers. As the growing demand in outsourcing system resources such as data and applications to the cloud platform, implementing traditional SSO models to support efficient and fine-grained access control for multi-user and multi-application environment is not practical. In this paper, we propose a blockchain-based identification and access management (IAM) scheme called D-2-IAM to provide strong security measures for controlling SSO access to resources in the cloud. At a core of D-2-IAM, core access control processes are done by the smart contracts and blockchain where the access transactions are well retained for the accountability. In our system, the SSO authentication is based on the highest authentication level and the hashed-based token management. Owing to the autonomous authentication management, the communication overhead regarding the interaction with identity providers and third-party verification mechanism for multi-system authentication is minimized. For the authorization system, D-2-IAM enables fine-grained access through the access policy modeled in the document database written and enforced to each customer. Finally, we conducted the experiments on Google cloud to show that our D-2-IAM system is efficient for the implementation. The performance test showed that our proposed system was approximately 4 times efficient than the average processing time of three existing works.

【Keywords】Authentication; Access control; Cloud computing; Authorization; Blockchains; Smart contracts; Servers; SSO; authentication; access control; blockchain; access policy; document database

【发表时间】2023

【收录时间】2023-04-16

【文献类型】实验仿真

【主题类别】

区块链应用-实体经济-身份验证