Controlling Exposure of Sensitive Data and Operation Using Process Bound Security Tokens in Cloud Computing Environment

Authors: John Y-C. Chang, Ki Hong Park, Ching-Yun Chao, Bertrand Be-Chung Chiu

Abstract: Exposure of sensitive information to users is controlled using a first security token containing user identity and credentials represent the who requests services, second two other identities, one identifying issuer owning process. When requesting token-owning process sends indicate making request, uses its key digitally sign request. The signs request that it endorses A receiving server accepts if (1) by signing request; (2) valid (token signed digital signature verified unexpired); (3) entity, which can be real or deployment process, represented has authorization access specified resources; (4) authorized endorse entity resources.
