{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,6,24]],"date-time":"2026-06-24T15:03:39Z","timestamp":1782313419154,"version":"3.54.5"},"reference-count":81,"publisher":"Springer Science and Business Media LLC","issue":"1","license":[{"start":{"date-parts":[[2014,11,11]],"date-time":"2014-11-11T00:00:00Z","timestamp":1415664000000},"content-version":"tdm","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"},{"start":{"date-parts":[[2014,11,11]],"date-time":"2014-11-11T00:00:00Z","timestamp":1415664000000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/creativecommons.org\/licenses\/by\/4.0"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":["Complex Adapt Syst Model"],"published-print":{"date-parts":[[2014,12]]},"abstract":"<jats:title>Abstract<\/jats:title>\n               <jats:sec>\n                  <jats:title>Purpose<\/jats:title>\n                  <jats:p>Cloud computing systems represent one of the most complex computing systems currently in existence. Current applications of Cloud involve extensive use of distributed systems with varying degree of connectivity and usage. With a recent focus on large-scale proliferation of Cloud computing, identity management in Cloud based systems is a critical issue for the sustainability of any Cloud-based service. This area has also received considerable attention from the research community as well as the IT industry. Numerous Cloud Identity Management Systems (IDMSs) have been proposed so far; however, most of those systems are neither widely accepted nor considered highly reliable due to their constraints in terms of scope, applicability and security. In order to achieve reliability and effectiveness in IDMs for Cloud, further extensive research needs to be carried out to critically examine Cloud based IDMSs and their level of security.<\/jats:p>\n              <\/jats:sec>\n               <jats:sec>\n                  <jats:title>Methods<\/jats:title>\n                  <jats:p>In this work, we have holistically analyzed Cloud IDMSs to better understand the general as well as the security aspects of this domain. From the security perspective, we present a comprehensive list of attacks that occur frequently in Cloud based IDMSs. In order to alleviate those attacks, we present a well-organized taxonomy tree covering the most desired features essential for any Cloud-based IDMSs. Additionally, we have specified various mechanisms of realization (such as access control polices, encryption, self-service) against each of the features of Cloud IDMSs. We have further used the proposed taxonomy as an assessment criterion for the evaluation of Cloud based IDMSs.<\/jats:p>\n              <\/jats:sec>\n               <jats:sec>\n                  <jats:title>Results<\/jats:title>\n                  <jats:p>Our in-depth analysis of various Cloud based IDMSs reveals that most of the systems do not offer support to all the essential features of Cloud IDMS and the ones that do, have their own certain weaknesses. None of the discussed techniques heuristically covers all the security features; moreover, they lack compliance to international standards which, understandably, undermines their credibility.<\/jats:p>\n              <\/jats:sec>\n               <jats:sec>\n                  <jats:title>Conclusion<\/jats:title>\n                  <jats:p>Presented work will help Cloud subscribers and providers in understanding the available solutions as well as the involved risks, allowing them to make more knowledgeable decisions while selecting potential Cloud IDMSs that best suits their functional and security requirements.<\/jats:p>\n              <\/jats:sec>","DOI":"10.1186\/s40294-014-0005-9","type":"journal-article","created":{"date-parts":[[2014,11,10]],"date-time":"2014-11-10T19:09:11Z","timestamp":1415646551000},"update-policy":"https:\/\/doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":48,"title":["Cloud identity management security issues &amp; solutions: a taxonomy"],"prefix":"10.1186","volume":"2","author":[{"given":"Umme","family":"Habiba","sequence":"first","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Rahat","family":"Masood","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Muhammad Awais","family":"Shibli","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]},{"given":"Muaz A","family":"Niazi","sequence":"additional","affiliation":[],"role":[{"vocabulary":"crossref","role":"author"}]}],"member":"297","published-online":{"date-parts":[[2014,11,11]]},"reference":[{"key":"5_CR1","doi-asserted-by":"publisher","first-page":"641","DOI":"10.1109\/HPCC.2010.87","volume-title":"High Performance Computing and Communications (HPCC), 2010 12th IEEE International Conference on","author":"A Albeshri","year":"2010","unstructured":"Albeshri A, Caelli W: Mutual protection in a cloud computing environment. In High Performance Computing and Communications (HPCC), 2010 12th IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:641\u2013646."},{"key":"5_CR2","unstructured":"Almorsy, M, Grundy J, M\u00fcller I: An analysis of the cloud computing security problem. In Proceedings of APSEC 2010 Cloud Workshop. Sydney, Australia; 2010."},{"key":"5_CR3","doi-asserted-by":"publisher","first-page":"75","DOI":"10.1109\/CTS.2010.5478521","volume-title":"Collaborative Technologies and Systems (CTS), 2010 International Symposium on","author":"WA Alrodhan","year":"2010","unstructured":"Alrodhan WA, Mitchell CJ: Enhancing user authentication in claim-based identity management. In Collaborative Technologies and Systems (CTS), 2010 International Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:75\u201383."},{"key":"5_CR4","doi-asserted-by":"publisher","first-page":"177","DOI":"10.1109\/SRDS.2010.28","volume-title":"Reliable Distributed Systems, 2010 29th IEEE Symposium on","author":"P Angin","year":"2010","unstructured":"Angin P, Bhargava B, Ranchal R, Singh N, Linderman M, Othmane LB, Lilien L: An entity-centric approach for privacy and identity management in cloud computing. In Reliable Distributed Systems, 2010 29th IEEE Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:177\u2013183."},{"key":"5_CR5","doi-asserted-by":"publisher","first-page":"513","DOI":"10.1007\/s10922-012-9244-2","volume":"20","author":"P Arias-Cabarcos","year":"2012","unstructured":"Arias-Cabarcos P, Almen\u00e1rez-Mendoza F, Mar\u00edn-L\u00f3pez A, D\u00edaz-S\u00e1nchez D, S\u00e1nchez-Guerrero R: A metric-based approach to assess risk for \u201con cloud\u201d federated identity management. J Netw Syst Manag 2012, 20: 513\u2013533. Springer, 2012 Springer, 2012 10.1007\/s10922-012-9244-2","journal-title":"J Netw Syst Manag"},{"key":"5_CR6","first-page":"555","volume-title":"2012 Seventh International Conference on Availability, Reliability and Security","author":"M Ates","year":"2011","unstructured":"Ates M, Ravet S, Ahmat AM, Fayolle J: An identity-centric internet: identity in the cloud, identity as a service and other delights. In 2012 Seventh International Conference on Availability, Reliability and Security. IEEE, Piscataway, New Jersey, United States; 2011:555\u2013560."},{"key":"5_CR7","unstructured":"Bertino, E, Takahashi K: IdentityManagement: Concepts, Technologies, and Systems: ARTECH HOUSE, 16 Sussex Street, London SW1V 4RW UK; 2010."},{"key":"5_CR8","volume-title":"A survey on security issues in cloud computing","author":"R Bhadauria","year":"2011","unstructured":"Bhadauria, R, Chaki R, Chaki N, Sanyal S: A survey on security issues in cloud computing 2011. arXiv preprint arXiv:1109.5388."},{"key":"5_CR9","doi-asserted-by":"crossref","first-page":"493","DOI":"10.3233\/JCS-2007-15502","volume":"15","author":"A Bhargav-Spantzel","year":"2007","unstructured":"Bhargav-Spantzel A, Camenisch J, Gross T, Sommer D: User centricity: a taxonomy and open issues. J Comput Secur 2007, 15: 493\u2013527. IOS Press, 2007","journal-title":"J Comput Secur"},{"key":"5_CR10","unstructured":"Brute Force Attack. OWASP Testing Guide2013. [Online accessed September-2013]., [https:\/\/www.owasp.org\/index.php\/Brute_force_attack]"},{"key":"5_CR11","unstructured":"CA Technologies Inc.: CA Technologies Predicts Key Trends for Identity and Access Management in 20142014. . Online accessed April-2013., [http:\/\/www.ca.com\/us\/news\/press-releases\/na\/2014\/ca-technologies-predicts-key-trends-for-identity-and-access-management-in-2014.aspx]"},{"key":"5_CR12","volume-title":"The laws of identity: Microsoft Corp.","author":"K Cameron","year":"2005","unstructured":"Cameron, K: The laws of identity: Microsoft Corp.; 2005."},{"key":"5_CR13","first-page":"287","volume-title":"IEEE International Conference on Information Theory and Information Security (ICITIS)","author":"Y Cao","year":"2010","unstructured":"Cao, Y, Yang L: A survey of identity management technology. In IEEE International Conference on Information Theory and Information Security (ICITIS): IEEE; 2010:287\u2013293."},{"key":"5_CR14","doi-asserted-by":"publisher","first-page":"263","DOI":"10.1109\/WETICE.2010.49","volume-title":"Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE), 2010 19th IEEE International Workshop on","author":"A Celesti","year":"2010","unstructured":"Celesti A, Tusa F, Villari M, Puliafito A: Security and cloud computing: intercloud identity management infrastructure. In Enabling Technologies: Infrastructures for Collaborative Enterprises (WETICE), 2010 19th IEEE International Workshop on. IEEE, Piscataway, New Jersey, United States; 2010:263\u2013265."},{"key":"5_CR15","doi-asserted-by":"publisher","first-page":"792","DOI":"10.1109\/CloudCom.2011.122","volume-title":"Cloud Computing Technology and Science (CloudCom), 2011 IEEE Third International Conference on","author":"DW Chadwick","year":"2011","unstructured":"Chadwick DW, Casenove M: Security APIs for my private cloud-granting access to anyone, from anywhere at any time. In Cloud Computing Technology and Science (CloudCom), 2011 IEEE Third International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:792\u2013798."},{"key":"5_CR16","doi-asserted-by":"crossref","first-page":"289","DOI":"10.15388\/Informatica.2003.022","volume":"14","author":"C-C Chang","year":"2003","unstructured":"Chang C-C: Some forgery attacks on a remote user authentication scheme using smart cards. Informatica 2003, 14: 289\u2013294. IOS Press, 2003 IOS Press, 2003","journal-title":"Informatica"},{"key":"5_CR17","doi-asserted-by":"publisher","first-page":"647","DOI":"10.1109\/ICCSEE.2012.193","volume-title":"Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on","author":"D Chen","year":"2012","unstructured":"Chen D, Zhao H: Data security and privacy protection issues in cloud computing. In Computer Science and Electronics Engineering (ICCSEE), 2012 International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:647\u2013651."},{"key":"5_CR18","doi-asserted-by":"publisher","first-page":"770","DOI":"10.1109\/CGC.2012.118","volume-title":"Cloud and Green Computing (CGC), 2012 Second International Conference on","author":"J Chen","year":"2012","unstructured":"Chen J, Wu X, Zhang S, Zhang W, Niu Y: A decentralized approach for implementing identity management in cloud computing. In Cloud and Green Computing (CGC), 2012 Second International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:770\u2013776."},{"key":"5_CR19","doi-asserted-by":"publisher","first-page":"56","DOI":"10.1109\/ICWMC.2007.33","volume-title":"Wireless and Mobile Communications, 2007. ICWMC\u201907. Third International Conference on","author":"MM Chowdhury","year":"2007","unstructured":"Chowdhury MM, Noll J: Distributed identity for secure service interaction. In Wireless and Mobile Communications, 2007. ICWMC\u201907. Third International Conference on. IEEE, Piscataway, New Jersey, United States; 2007:56\u201356."},{"key":"5_CR20","doi-asserted-by":"publisher","first-page":"110","DOI":"10.1109\/APSCC.2011.14","volume-title":"Services Computing Conference (APSCC), 2011 IEEE Asia-Pacific","author":"AJ Choudhury","year":"2011","unstructured":"Choudhury AJ, Kumar P, Sain M, Lim H, Jae-Lee H: A strong user authentication framework for cloud computing. In Services Computing Conference (APSCC), 2011 IEEE Asia-Pacific. IEEE, Piscataway, New Jersey, United States; 2011:110\u2013115."},{"key":"5_CR21","unstructured":"Cloud Security Alliance: Cloud Security Alliance SecaaS Guidance, Category 1: Identity and Access Management, 2012 by Cloud Security Alliance. [Online accessed: November 2013], 2011., [https:\/\/cloudsecurityalliance.org\/download\/secaas-category-1-identity-and-access-management-implementation-guidance\/]"},{"key":"5_CR22","doi-asserted-by":"publisher","first-page":"389","DOI":"10.1109\/DEXA.2003.1232053","volume-title":"the Proceedings of Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on","author":"C Conrado","year":"2003","unstructured":"Conrado C, Kamperman F, Schrijen GJ, Jonker W: Privacy in an identity-based DRM system. In the Proceedings of Database and Expert Systems Applications, 2003. Proceedings. 14th International Workshop on. IEEE, Piscataway, New Jersey, United States; 2003:389\u2013395."},{"key":"5_CR23","doi-asserted-by":"publisher","first-page":"24","DOI":"10.1109\/MSP.2008.49","volume":"6","author":"R Dhamija","year":"2008","unstructured":"Dhamija R, Dusseault L: The seven flaws of identity management: usability and security challenges. IEEE Secur Privacy 2008, 6: 24\u201329. IEEE, 2008 IEEE, 2008 10.1109\/MSP.2008.49","journal-title":"IEEE Secur Privacy"},{"key":"5_CR24","first-page":"1094","volume-title":"Information & Communication Technology Electronics & Microelectronics (MIPRO), 2013 36th International Convention on","author":"A Donevski","year":"2013","unstructured":"Donevski A, Ristov S, Gusev M: Security assessment of virtual machines in open source clouds. In Information & Communication Technology Electronics & Microelectronics (MIPRO), 2013 36th International Convention on. IEEE, Piscataway, New Jersey, United States; 2013:1094\u20131099."},{"key":"5_CR25","unstructured":"Eucalyptus Systems, Inc.: Eucalyptus Identity and Access Management (IAM)2012. , [Online accessed August-2014]., [https:\/\/www.eucalyptus.com\/docs\/eucalyptus\/4.0\/security-guide\/security_bp_access.html]"},{"key":"5_CR26","doi-asserted-by":"publisher","first-page":"251","DOI":"10.1109\/ICPPW.2010.42","volume-title":"Parallel Processing Workshops (ICPPW), 2010 39th International Conference on","author":"J Feng","year":"2010","unstructured":"Feng J, Chen Y, Ku WS, Liu P: Analysis of integrity vulnerabilities and a non-repudiation protocol for cloud data storage platforms. In Parallel Processing Workshops (ICPPW), 2010 39th International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:251\u2013258."},{"key":"5_CR27","doi-asserted-by":"publisher","first-page":"454","DOI":"10.1109\/HPCSim.2012.6266958","volume-title":"High Performance Computing and Simulation (HPCS) 2012 International Conference on","author":"MS Ferdous","year":"2012","unstructured":"Ferdous MS, Poet R: A comparative analysis of identity management systems. In High Performance Computing and Simulation (HPCS) 2012 International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:454\u2013461."},{"key":"5_CR28","volume-title":"Above the Clouds: a Berkeley View of Cloud Computing","author":"A Fox","year":"2009","unstructured":"Fox A, Griffith R, Joseph A, Katz R, Konwinski A, Lee G, Patterson D, Rabkin A, Stoica I: Above the Clouds: a Berkeley View of Cloud Computing. Dept. Electrical Eng. and Comput. Sciences, University of California, Berkeley; 2009."},{"key":"5_CR29","first-page":"45","volume":"7","author":"A Gopalakrishnan","year":"2009","unstructured":"Gopalakrishnan A: Cloud computing identity management. SETLabs Briefings 2009, 7: 45\u201354.","journal-title":"SETLabs Briefings"},{"key":"5_CR30","volume-title":"International Journal of Engineering Research and Technology (Vol. 1, No. 4 (June-2012))","author":"K Gunjan","year":"2012","unstructured":"Gunjan K, Sahoo G, Tiwari RK: Identity management in cloud computing-a review. In International Journal of Engineering Research and Technology (Vol. 1, No. 4 (June-2012)). ESRSA Publications, Kudasan, Gandhinagar, Gujarat, India; 2012."},{"key":"5_CR31","doi-asserted-by":"publisher","DOI":"10.1002\/9781118269091","volume-title":"Auditing Cloud Computing: a Security and Privacy Guide (Vol. 21)","author":"B Halpert","year":"2011","unstructured":"Halpert B: Auditing Cloud Computing: a Security and Privacy Guide (Vol. 21). John Wiley & Sons, Hoboken, New Jersey, USA; 2011."},{"key":"5_CR32","doi-asserted-by":"publisher","first-page":"230","DOI":"10.1109\/CNSM.2010.5691295","volume-title":"Network and Service Management (CNSM), 2010 International Conference on","author":"T Hoellrigl","year":"2010","unstructured":"Hoellrigl T, K\u00fchner H, Dinger J, Hartenstein H: User-controlled automated identity delegation. In Network and Service Management (CNSM), 2010 International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:230\u2013233."},{"key":"5_CR33","first-page":"1","volume-title":"System Sciences (HICSS), 2011 44th Hawaii International Conference on","author":"WA Jansen","year":"2011","unstructured":"Jansen WA: Cloud hooks: Security and privacy issues in cloud computing. In System Sciences (HICSS), 2011 44th Hawaii International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:1\u201310."},{"key":"5_CR34","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-144","volume-title":"Guidelines on Security and Privacy in Public Cloud Computing","author":"W Jansen","year":"2011","unstructured":"Jansen, W, Grance T: Guidelines on Security and Privacy in Public Cloud Computing: NIST special publication, 800, 144, NIST; 2011."},{"key":"5_CR35","doi-asserted-by":"publisher","first-page":"109","DOI":"10.1109\/CLOUD.2009.60","volume-title":"Cloud Computing, 2009. CLOUD\u201909. IEEE International Conference on","author":"M Jensen","year":"2009","unstructured":"Jensen M, Schwenk J, Gruschka N, Iacono LL: On technical security issues in cloud computing. In Cloud Computing, 2009. CLOUD\u201909. IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2009:109\u2013116."},{"key":"5_CR36","first-page":"99","volume-title":"Proceedings of the 2005 Australasian workshop on Grid computing and e-research-Volume 44","author":"A J\u00f8sang","year":"2005","unstructured":"J\u00f8sang, A, Fabre J, Hay B, Dalziel J, Pope S: Trust requirements in identity management. In Proceedings of the 2005 Australasian workshop on Grid computing and e-research-Volume 44: Australian Computer Society, Inc.; 2005:99\u2013108."},{"key":"5_CR37","doi-asserted-by":"publisher","first-page":"391","DOI":"10.1109\/SAINT.2010.68","volume-title":"Applications and the Internet (SAINT), 2010 10th IEEE\/IPSJ International Symposium on","author":"IK Kim","year":"2010","unstructured":"Kim IK, Pervez Z, Khattak AM, Lee S: Chord based identity management for e-Healthcare cloud applications. In Applications and the Internet (SAINT), 2010 10th IEEE\/IPSJ International Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:391\u2013394."},{"key":"5_CR38","volume-title":"Open Source Solution for Cloud Computing Platform Using OpenStack","author":"R Kumar","year":"2014","unstructured":"Kumar, R, Gupta N, Charu S, Jain K, Jangir SK: Open Source Solution for Cloud Computing Platform Using OpenStack; 2014."},{"key":"5_CR39","unstructured":"Kumaraswamy, S, Lakshminarayanan S, Reiter M, Stein J, Wilson Y: Domain 12: Guidance for Identity & Access Management V2. 1. Cloud Security Alliance2010. , [https:\/\/cloudsecurityalliance.org\/guidance\/csaguide-dom12-v2.10.pdf]"},{"key":"5_CR40","doi-asserted-by":"publisher","first-page":"634","DOI":"10.1109\/CloudCom.2010.13","volume-title":"Cloud Computing Technology and Science (CloudCom) 2010 IEEE Second International Conference on","author":"U Lang","year":"2010","unstructured":"Lang U: Openpmf scaas: authorization as a service for cloud & soa applications. In Cloud Computing Technology and Science (CloudCom) 2010 IEEE Second International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:634\u2013643."},{"key":"5_CR41","first-page":"88","volume-title":"ICN 2012, The Eleventh International Conference on Networks","author":"MA Leandro","year":"2012","unstructured":"Leandro, MA, Nascimento TJ, dos Santos DR, Westphall CM, Westphall CB: Multi-tenancy authorization system with federated identity for cloud-based environments using shibboleth. In ICN 2012, The Eleventh International Conference on Networks; 2012:88\u201393."},{"key":"5_CR42","doi-asserted-by":"publisher","first-page":"801","DOI":"10.1109\/TrustCom.2012.153","volume-title":"Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on","author":"J Leskinen","year":"2012","unstructured":"Leskinen J: Evaluation criteria for future identity management. In Trust, Security and Privacy in Computing and Communications (TrustCom), 2012 IEEE 11th International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:801\u2013806."},{"key":"5_CR43","doi-asserted-by":"publisher","first-page":"89","DOI":"10.1007\/978-3-642-16161-2_6","volume-title":"Security and Privacy in Communication Networks","author":"M Li","year":"2010","unstructured":"Li M, Yu S, Ren K, Lou W: Securing personal health records in cloud computing: Patient-centric and fine-grained data access control in multi-owner settings. In Security and Privacy in Communication Networks. Springer, Berlin, Heidelberg; 2010:89\u2013106."},{"key":"5_CR44","doi-asserted-by":"publisher","first-page":"864","DOI":"10.1109\/NSWCTC.2009.287","volume-title":"Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC\u201909. International Conference on","author":"S Luo","year":"2009","unstructured":"Luo S, Hu J, Chen Z: An identity-based one-time password scheme with anonymous authentication. In Networks Security, Wireless Communications and Trusted Computing, 2009. NSWCTC\u201909. International Conference on. IEEE, Piscataway, New Jersey, United States; 2009:864\u2013867."},{"key":"5_CR45","doi-asserted-by":"publisher","first-page":"49","DOI":"10.1109\/EIDWT.2011.16","volume-title":"Emerging Intelligent Data and Web Technologies (EIDWT), 2011 International Conference on","author":"Z Mahmood","year":"2011","unstructured":"Mahmood Z: \u201cData location and security issues in cloud computing\u201d. In Emerging Intelligent Data and Web Technologies (EIDWT), 2011 International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:49\u201354."},{"key":"5_CR46","volume-title":"Cloud security and privacy: an enterprise perspective on risks and compliance","author":"T Mather","year":"2009","unstructured":"Mather T, Kumaraswamy S, Latif S: Cloud security and privacy: an enterprise perspective on risks and compliance. O\u2019Reilly Media, Inc., Sebastopol, CA, USA; 2009."},{"key":"5_CR47","doi-asserted-by":"publisher","DOI":"10.6028\/NIST.SP.800-122","volume-title":"Guide to Protecting the Confidentiality of Personally Identifiable Information","author":"E McCallister","year":"2010","unstructured":"McCallister E: Guide to Protecting the Confidentiality of Personally Identifiable Information. Diane Publishing, Collingdale, PA, United States; 2010."},{"key":"5_CR48","unstructured":"Maler, E, Mishra P, Philpott R: Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML)2003. . Online accessed January-2013., [https:\/\/www.oasis-open.org\/committees\/download.php\/3406\/oasis-sstc-saml-core-1.1.pdf]"},{"key":"5_CR49","volume-title":"Improving Web Services Security: Scenarios and Implementation Guidance forWCF","author":"JD Meier","year":"2009","unstructured":"Meier, JD, Farre C, Taylor J, Bansode P, Gregersen S, Sundararajan M, Boucher R: Improving Web Services Security: Scenarios and Implementation Guidance for WCF: Microsoft Developer Network; 2009"},{"key":"5_CR50","first-page":"172","volume-title":"Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2011 7th International Conference on","author":"M Nabeel","year":"2011","unstructured":"Nabeel M, Bertino E, Kantarcioglu M, Thuraisingham B: Towards privacy preserving access control in the cloud. In Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2011 7th International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:172\u2013180."},{"key":"5_CR51","first-page":"2021","volume-title":"Proceedings of the IEEE","author":"L O\u2019Gorman","year":"2003","unstructured":"O\u2019Gorman L: Comparing passwords, tokens, and biometrics for user authentication. In Proceedings of the IEEE. IEEE, Piscataway, New Jersey, United States; 2003:2021\u20132040."},{"key":"5_CR52","doi-asserted-by":"publisher","first-page":"52","DOI":"10.1109\/MC.2011.60","volume":"44","author":"E Olden","year":"2011","unstructured":"Olden E: Architecting a cloud-scale identity fabric. Computer 2011, 44: 52\u201359. IEEE, 2011 IEEE, 2011 10.1109\/MC.2011.60","journal-title":"Computer"},{"key":"5_CR53","doi-asserted-by":"publisher","first-page":"249","DOI":"10.1007\/3-540-45067-X_22","volume-title":"Information Security and Privacy","author":"A Pashalidis","year":"2003","unstructured":"Pashalidis A, Mitchell CJ: A taxonomy of single sign-on systems. In Information Security and Privacy. Springer, Berlin, Heidelberg; 2003:249\u2013264."},{"key":"5_CR54","doi-asserted-by":"publisher","first-page":"693","DOI":"10.1109\/CloudCom.2010.66","volume-title":"Cloud Computing Technology and Science (CloudCom) 2010 IEEE Second International Conference on","author":"S Pearson","year":"2010","unstructured":"Pearson S, Benameur A: Privacy, security and trust issues arising from cloud computing. In Cloud Computing Technology and Science (CloudCom) 2010 IEEE Second International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:693\u2013702."},{"key":"5_CR55","doi-asserted-by":"publisher","first-page":"368","DOI":"10.1109\/SRDS.2010.57","volume-title":"Reliable Distributed Systems, 2010 29th IEEE Symposium on","author":"R Ranchal","year":"2010","unstructured":"Ranchal R, Bhargava B, Othmane LB, Lilien L, Kim A, Kang M, Linderman M: Protection of identity information in cloud computing without trusted third party. In Reliable Distributed Systems, 2010 29th IEEE Symposium on. IEEE, Piscataway, New Jersey, United States; 2010:368\u2013372."},{"key":"5_CR56","doi-asserted-by":"publisher","first-page":"614","DOI":"10.1147\/sj.403.0614","volume":"40","author":"NK Ratha","year":"2001","unstructured":"Ratha NK, Connell JH, Bolle RM: Enhancing security and privacy in biometrics-based authentication systems. IBM Syst J 2001, 40: 614\u2013634. IBM, 2001 IBM, 2001 10.1147\/sj.403.0614","journal-title":"IBM Syst J"},{"key":"5_CR57","unstructured":"Rhoton, J: Discover OpenStack: the identity component keystone2013. . Online accessed August 2014., [http:\/\/www.ibm.com\/developerworks\/cloud\/library\/cl-openstack-keystone\/index.html?ca=dat-]"},{"key":"5_CR58","doi-asserted-by":"publisher","first-page":"44","DOI":"10.1109\/NCM.2009.218","volume-title":"INC, IMS and IDC, 2009. NCM\u201909. Fifth International Joint Conference on","author":"BP Rimal","year":"2009","unstructured":"Rimal BP, Choi E, Lumb I: A taxonomy and survey of cloud computing systems. In INC, IMS and IDC, 2009. NCM\u201909. Fifth International Joint Conference on. IEEE, Piscataway, New Jersey, United States; 2009:44\u201351."},{"key":"5_CR59","unstructured":"Rose, J, Rehse O, Rober B: The value of our digital identity: The Boston Consulting Group; 2011. , Online accessed March-2013., [http:\/\/www.libertyglobal.com\/PDF\/public-policy\/The-Value-of-Our-Digital-Identity.pdf]"},{"key":"5_CR60","doi-asserted-by":"publisher","first-page":"95","DOI":"10.1109\/TCE.2012.6170060","volume":"58","author":"R Sanchez","year":"2012","unstructured":"Sanchez R, Almenares F, Arias P, Diaz-Sanchez D, Mar\u00edn A: Enhancing privacy and dynamic federation in IdM for consumer cloud computing. IEEE Trans Consum Electron 2012, 58: 95\u2013103. IEEE, 2012 IEEE, 2012 10.1109\/TCE.2012.6170060","journal-title":"IEEE Trans Consum Electron"},{"key":"5_CR61","first-page":"38","volume":"16","author":"S Salsano","year":"2002","unstructured":"Salsano S, Veltri L, Papalilo D: SIP security issues: the SIP authentication procedure and its processing load. Network 2002, 16: 38\u201344. IEEE, 2002 IEEE, 2002","journal-title":"Network"},{"key":"5_CR62","doi-asserted-by":"publisher","first-page":"280","DOI":"10.1109\/CLOUD.2010.22","volume-title":"Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on","author":"P Saripalli","year":"2010","unstructured":"Saripalli P, Walters B: Quirc: A quantitative impact and risk assessment framework for cloud security. In Cloud Computing (CLOUD), 2010 IEEE 3rd International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:280\u2013288."},{"key":"5_CR63","doi-asserted-by":"crossref","unstructured":"Saroiu, S, Wolman A: Enabling new mobile applications with location proofs. In Proceedings of the 10th workshop on Mobile Computing Systems and Applications: ACM; 2009:3.","DOI":"10.1145\/1514411.1514414"},{"key":"5_CR64","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1109\/ARES.2011.14","volume-title":"Availability, Reliability and Security (ARES), 2011 Sixth International Conference on","author":"C Senk","year":"2011","unstructured":"Senk C, Dotzler F: Biometric Authentication as a service for enterprise identity management deployment: a data protection perspective. In Availability, Reliability and Security (ARES), 2011 Sixth International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:43\u201350."},{"key":"5_CR65","doi-asserted-by":"publisher","first-page":"504","DOI":"10.1109\/ITNG.2009.193","volume-title":"Information Technology: New Generations, 2009. ITNG\u201909. Sixth International Conference on","author":"D Shin","year":"2009","unstructured":"Shin D, Lopes R, Claycomb W: Authenticated dictionary-based attribute sharing in federated identity management. In Information Technology: New Generations, 2009. ITNG\u201909. Sixth International Conference on. IEEE, Piscataway, New Jersey, United States; 2009:504\u2013509."},{"key":"5_CR66","unstructured":"Slone, S: Identity management. A white paper: The open group identity management work area; 2004."},{"issue":"1","key":"5_CR67","doi-asserted-by":"publisher","first-page":"86","DOI":"10.1016\/S1363-4127(04)00018-4","volume":"9","author":"G Sodhi","year":"2004","unstructured":"Sodhi G: User provisioning with SPML. Inf Secur Tech Rep 2004, 9(1):86\u201396. 10.1016\/S1363-4127(04)00018-4","journal-title":"Inf Secur Tech Rep"},{"key":"5_CR68","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1016\/j.jnca.2010.07.006","volume":"34","author":"S Subashini","year":"2011","unstructured":"Subashini S, Kavitha V: A survey on security issues in service delivery models of cloud computing. J Netw Comput Appl 2011, 34: 1\u201311. Elsevier Elsevier 10.1016\/j.jnca.2010.07.006","journal-title":"J Netw Comput Appl"},{"key":"5_CR69","doi-asserted-by":"publisher","first-page":"388","DOI":"10.1016\/j.jnca.2008.02.016","volume":"32","author":"S Suriadi","year":"2009","unstructured":"Suriadi S, Foo E, J\u00f8sang A: A user-centric federated single sign-on system. J Netw Comput Appl 2009, 32: 388\u2013401. Elsevier, 2009 Elsevier, 2009 10.1016\/j.jnca.2008.02.016","journal-title":"J Netw Comput Appl"},{"key":"5_CR70","volume-title":"In the proceedings of Conference on Applied Research in Information Technology","author":"DR Thompson","year":"2006","unstructured":"Thompson, DR, Chaudhry N, Thompson CW: \u201cRFID security threat model\u201d. In the proceedings of Conference on Applied Research in Information Technology; 2006."},{"key":"5_CR71","doi-asserted-by":"publisher","DOI":"10.1007\/978-90-6704-731-9","volume-title":"Innovating Government: An Introduction to the Book (pp. 1-14)","author":"S Van der Hof","year":"2011","unstructured":"Van der Hof S: Innovating Government: An Introduction to the Book (pp. 1\u201314). TMC Asser Press, R.J. Schimmelpennincklaan, JN Den Haag; 2011."},{"key":"5_CR72","doi-asserted-by":"publisher","first-page":"843","DOI":"10.1109\/GSIS.2011.6043978","volume-title":"Grey Systems and Intelligent Services (GSIS), 2011 IEEE International Conference on","author":"JJ Wang","year":"2011","unstructured":"Wang JJ, Mu S: \u201cSecurity issues and countermeasures in cloud computing\u201d. In Grey Systems and Intelligent Services (GSIS), 2011 IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2011:843\u2013846."},{"key":"5_CR73","doi-asserted-by":"publisher","first-page":"327","DOI":"10.1007\/978-3-642-17455-1_21","volume-title":"Pairing-Based Cryptography-Pairing 2010","author":"L Wang","year":"2010","unstructured":"Wang L, Wang L, Mambo M, Okamoto E: New identity-based proxy re-encryption schemes to prevent collusion attacks. In Pairing-Based Cryptography-Pairing 2010. Springer, Berlin, Heidelberg; 2010:327\u2013346."},{"key":"5_CR74","volume-title":"Digital Identity","author":"PJ Windley","year":"2005","unstructured":"Windley PJ: Digital Identity. O\u2019Reilly Media, Inc., Sebastopol, CA, USA; 2005."},{"key":"5_CR75","doi-asserted-by":"publisher","first-page":"167","DOI":"10.1007\/978-3-642-10665-1_15","volume-title":"Cloud Computing","author":"L Yan","year":"2009","unstructured":"Yan L, Rong C, Zhao G: Strengthen cloud computing security with federal identity management using hierarchical identity-based cryptography. In Cloud Computing. Springer, Berlin, Heidelberg; 2009:167\u2013177."},{"key":"5_CR76","first-page":"143","volume":"6","author":"AA Yassin","year":"2012","unstructured":"Yassin AA, Jin H, Ibrahim A, Qiang W, Zou D: Efficient password-based two factors authentication in cloud computing. Int J Secur Appl 2012, 6: 143\u2013148.","journal-title":"Int J Secur Appl"},{"key":"5_CR77","doi-asserted-by":"publisher","first-page":"573","DOI":"10.1109\/ICDCSW.2012.20","volume-title":"Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on","author":"P You","year":"2012","unstructured":"You P, Peng Y, Liu W, Xue S: Security issues and solutions in cloud computing. In Distributed Computing Systems Workshops (ICDCSW), 2012 32nd International Conference on. IEEE, Piscataway, New Jersey, United States; 2012:573\u2013577."},{"key":"5_CR78","doi-asserted-by":"publisher","first-page":"1","DOI":"10.1109\/GCE.2008.4738443","volume-title":"Grid Computing Environments Workshop, 2008. GCE\u201908","author":"L Youseff","year":"2008","unstructured":"Youseff L, Butrico M, Da Silva D: Toward a unified ontology of cloud computing. In Grid Computing Environments Workshop, 2008. GCE\u201908. IEEE, Piscataway, New Jersey, United States; 2008:1\u201310."},{"key":"5_CR79","doi-asserted-by":"publisher","first-page":"305","DOI":"10.1109\/SCC.2010.46","volume-title":"Services Computing (SCC), 2010 IEEE International Conference on","author":"Y Zhang","year":"2010","unstructured":"Zhang Y, Chen JL: Universal identity management model based on anonymous credentials. In Services Computing (SCC), 2010 IEEE International Conference on. IEEE, Piscataway, New Jersey, United States; 2010:305\u2013312."},{"key":"5_CR80","doi-asserted-by":"publisher","first-page":"583","DOI":"10.1016\/j.future.2010.12.006","volume":"28","author":"D Zissis","year":"2012","unstructured":"Zissis D, Lekkas D: Addressing cloud computing security issues. Future Generat Comput Syst 2012, 28: 583\u2013592. Elsevier, 2012 Elsevier, 2012 10.1016\/j.future.2010.12.006","journal-title":"Future Generat Comput Syst"},{"key":"5_CR81","first-page":"388","volume-title":"IACR Cryptology ePrint Archive, Volume 2005","author":"Y Zhou","year":"2005","unstructured":"Zhou, Y, Feng D: Side-channel attacks: ten years after its publication and the impacts on cryptographic module security testing. In IACR Cryptology ePrint Archive, Volume 2005; 2005:388."}],"container-title":["Complex Adaptive Systems Modeling"],"original-title":[],"language":"en","link":[{"URL":"https:\/\/link.springer.com\/article\/10.1186\/s40294-014-0005-9\/fulltext.html","content-type":"text\/html","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s40294-014-0005-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"text-mining"},{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1186\/s40294-014-0005-9","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"},{"URL":"https:\/\/link.springer.com\/content\/pdf\/10.1186\/s40294-014-0005-9.pdf","content-type":"application\/pdf","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2021,7,30]],"date-time":"2021-07-30T12:44:26Z","timestamp":1627649066000},"score":1,"resource":{"primary":{"URL":"https:\/\/link.springer.com\/10.1186\/s40294-014-0005-9"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2014,11,11]]},"references-count":81,"journal-issue":{"issue":"1","published-print":{"date-parts":[[2014,12]]}},"alternative-id":["5"],"URL":"https:\/\/doi.org\/10.1186\/s40294-014-0005-9","relation":{},"ISSN":["2194-3206"],"issn-type":[{"value":"2194-3206","type":"electronic"}],"subject":[],"published":{"date-parts":[[2014,11,11]]},"assertion":[{"value":"19 July 2014","order":1,"name":"received","label":"Received","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"1 September 2014","order":2,"name":"accepted","label":"Accepted","group":{"name":"ArticleHistory","label":"Article History"}},{"value":"11 November 2014","order":3,"name":"first_online","label":"First Online","group":{"name":"ArticleHistory","label":"Article History"}}],"article-number":"5"}}