Identity-Based Management in the Cloud Computing

Abstract

The key management in cloud computing security became an incentive research area, where resource collaboration and coordination become so prevalent in cloud computing. Most researches focus on the authentication for two reasons; it is an essential security aspect and is the first line of defense in cloud computing environments. The main cloud computing authentication objectives are security and efficiency. This thesis examines the application of hierarchal identity-based authenticated key agreement in designing security key management for cloud computing. The most common key management in the cloud computing solution goes to the Hierarchical Identity-Based Cryptography (HIBC), which focused on encryption and signature for access control cloud computing environment. Nevertheless, authentication methods did not have the same interest. Many of the authentication methods used with cloud computing environment are not efficient for large scale multiple domains. Moreover, it is only used for access control but did not support mutual authentication. In this thesis, we propose a Hierarchal Identity-Based Authenticated Key Agreement protocol (HIB-AKA). Our proposed protocol exploits new interesting properties of Hierarchical Identity-Based Cryptography (HIBC) to replicate security services provided by the Cloud Security Infrastructure (CSI). The CSI is based on 3 Public Key Infrastructure (PKI) that supports standard X.509 certificates and proxy certificates. Since our proposed protocol is certificate-free and has small key sizes, it offers a more lightweight approach to key management than the CSI. Our protocol presents a new technique of using a one-pass delegation protocol that makes use of HIBC properties. This combination of lightweight key management and efficient delegation protocol experimentally proved to be better in scalability than the existing PKI-based approach to cloud security.