強化的行動雲端身分管理架構

隨著無線行動網路的普及，人們可以隨時隨地的上網，使用各種雲端服務；許多雲端服務為了簡化使用者登入程序，提供單一登入機制讓使用者不需要註冊建立新帳號只需透過其既有的大型網站帳號即可登入；然而雲端的公用網路環境容易遭到各種攻擊，必需要有足夠的安全防護，以避免資料容易遭到竊聽、竄改或盜用等問題。本文將介紹一般雲端身分管理架構及文獻中提出的相關協定，並提出改善方法以避免各種問題，期望使用者能更安心的使用雲端服務。

關鍵字

雲端服務；單一登入；身分管理

並列摘要

As the popularity of wireless mobile networks, people can access a variety of cloud services anytime, anywhere. To simplify the user login process, many cloud services provide single sign-on mechanisms that allow users to login using their existing large sites account without creating a new account. However, public cloud network environment is vulnerable to various attacks such as eavesdropping, modification or misuse; adequate security is needed to prevent those problems. In this paper, we will introduce the general cloud identity management framework and the relevant frameworks proposed in literature, and more of that, an improved framework is also proposed which is free from worries of those problems mentioned above. We hope that users can expect more ease of use of cloud services.

並列關鍵字

Cloud Service ； Single Sign-On ； Identity Management

參考文獻

Hwang, M.-S., & Sun, T.-H. (2013). Using Smart Card to Achieve a Single Sign-on for Multiple Cloud Services. IETE Technical Review (Medknow Publications & Media Pvt. Ltd.), 30(5), 410-416.

Google Scholar

IBM (2015). SSL Cipher Specification. Retrieved January 15, 2015 from http://www-01.ibm.com/support/knowledgecenter/SSFKSJ_8.0.0/com.ibm.mq.ref.con.doc/q082230_.htm?lang=en

Google Scholar

Khalil, I., Khreishah, A., & Azeem, M. (2014). Consolidated Identity Management System for secure mobile cloud computing. Computer Networks, 65, 99-110.

Google Scholar

LaPolla, M., Martinelli, F., & Sgandurra, D. (2013). A survey on security for mobile devices. Communications Surveys & Tutorials, IEEE, 15(1), 446-471.

Google Scholar

Radha, V., & Reddy, D. H. (2012). A Survey on single sign-on techniques. Procedia Technology, 4, 134-139.

Google Scholar

國際替代計量

強化的行動雲端身分管理架構

全文下載

主題瀏覽