Mechanisms of ensuring security in Keystone service

Kuzminykh, I.; Fliustikova, M.

Публікація:
Mechanisms of ensuring security in Keystone service

dc.contributor.author	Kuzminykh, I.
dc.contributor.author	Fliustikova, M.
dc.date.accessioned	2020-05-26T16:50:44Z
dc.date.available	2020-05-26T16:50:44Z
dc.date.issued	2019
dc.description.abstract	User authentication is one of the most important aspects in the area of cloud services, followed by the storing of sensitive information about customers. A number of solutions exist for authentication, security, and privacy provisioning in cloud, while cloud identity management systems aim to simplify and harmonise access. This paper presents an investigation into the security problems associated with cloud identity and access management system (IAMS), using the Keystone identity service within OpenStack as an example. In order to analyse the existing challenges, the paper expands security provisioning into authentication management, authorization management, personal data protection, privacy and confidentiality, as well as logging and auditing and considers the security mechanisms required for any cloud IAMS for each one of these categories. The paper also investigates some of the existing and potential attacks against the Keystone service, then follows with recommendations and mechanisms for enhancing the security. The vulnerabilities in cloud IAMS show that most systems support at most a subset of security provisioning mechanisms or have their own flaws; in addition, there are no unified international standards in this cloud identity systems area for cloud and service providers. The identified list of attacks and the associated mitigation mechanisms will help to provide the identity and access management system with the protection of identity credentials in the cloud system. The provided results can help with further researching mechanisms aiming to ensure personal data confidentiality and integrity.	uk_UA
dc.identifier.citation	Kuzminykh I. Mechanisms of ensuring security in Keystone service / Kuzminykh I., Fliustikova M. // Проблеми телекомунікацій. – 2019. – Вип. 2(25). – С. 78-96. – Режим доступу: http://pt.nure.ua/wp-content/uploads/2020/02/192_kuzminykh_keystone.pdf	uk_UA
dc.identifier.uri	http://openarchive.nure.ua/handle/document/11859
dc.language.iso	en	uk_UA
dc.publisher	ХНУРЕ	uk_UA
dc.subject	security	uk_UA
dc.subject	mechanism	uk_UA
dc.subject	identification	uk_UA
dc.subject	Keystone	uk_UA
dc.subject	vulnerability	uk_UA
dc.title	Mechanisms of ensuring security in Keystone service	uk_UA
dc.type	Article	uk_UA
dspace.entity.type	Publication