За технічних причин Електронний архів Харківського національного університету радіоелектроніки «ElAr КhNURE» працює тільки на перегляд. Про відновлення роботи у повному обсязі буде своєчасно повідомлено.
 

Публікація:
Mechanisms of ensuring security in Keystone service

Зображення мініатюри

Файли

192_kuzminykh_keystone.pdf (524.06 KB)

Дата

2019

Автори

Назва журналу

ISSN журналу

Назва тома

Видавництво

ХНУРЕ

Дослідницькі проекти

Організаційні підрозділи

Видання журналу

Анотація

User authentication is one of the most important aspects in the area of cloud services, followed by the storing of sensitive information about customers. A number of solutions exist for authentication, security, and privacy provisioning in cloud, while cloud identity management systems aim to simplify and harmonise access. This paper presents an investigation into the security problems associated with cloud identity and access management system (IAMS), using the Keystone identity service within OpenStack as an example. In order to analyse the existing challenges, the paper expands security provisioning into authentication management, authorization management, personal data protection, privacy and confidentiality, as well as logging and auditing and considers the security mechanisms required for any cloud IAMS for each one of these categories. The paper also investigates some of the existing and potential attacks against the Keystone service, then follows with recommendations and mechanisms for enhancing the security. The vulnerabilities in cloud IAMS show that most systems support at most a subset of security provisioning mechanisms or have their own flaws; in addition, there are no unified international standards in this cloud identity systems area for cloud and service providers. The identified list of attacks and the associated mitigation mechanisms will help to provide the identity and access management system with the protection of identity credentials in the cloud system. The provided results can help with further researching mechanisms aiming to ensure personal data confidentiality and integrity.

Опис

Ключові слова

security, mechanism, identification, Keystone, vulnerability

Бібліографічний опис

Kuzminykh I. Mechanisms of ensuring security in Keystone service / Kuzminykh I., Fliustikova M. // Проблеми телекомунікацій. – 2019. – Вип. 2(25). – С. 78-96. – Режим доступу: http://pt.nure.ua/wp-content/uploads/2020/02/192_kuzminykh_keystone.pdf

DOI

URI

http://openarchive.nure.ua/handle/document/11859

Колекції

Кафедра інфокомунікаційної інженерії (ІКІ)