An Overview of Cloud Identity Management-Models

Bernd Zwattendorfer, Thomas Zefferer, Klaus Stranacher


Unique identification and secure authentication are essential processes in various areas of application, e.g. in e-Government, e-Health, or e-Business. During the past years several identity management-systems and models have evolved. Many organizations and enterprises or even countries for their national eID solutions rely on identity management-systems for securing their applications. Since more and more applications are migrated into the cloud, secure identification and authentication are also vital in the cloud domain. However, cloud identity management-systems need to meet slightly different requirements than traditional identity management-systems and thus cannot be clustered into the same model types or categories. Therefore, in this paper we give an overview of different cloud identity management-models that have already emerged up to now. We further compare these models based on selected criteria, e.g. on practicability and privacy aspects.


  1. Armbrust, M., Fox, A., Griffith, R., Joseph, A. D., Katz, R., Konwinski, A., Lee, G., Patterson, D., Rabkin, A., Stoica, I., and Zaharia, M. (2009). Above the Clouds : A Berkeley View of Cloud Computing Cloud Computing. Technical report, RAD Lab.
  2. Ateniese, G., Fu, K., Green, M., and Hohenberger, S. (2006). Improved proxy re-encryption schemes with applications to secure distributed storage. ACM Trans. Inf. Syst. Secur., 9(1):1-30.
  3. Ates, M., Ravet, S., Ahmat, A. M., and Fayolle, J. (2011). An Identity-Centric Internet: Identity in the Cloud, Identity as a Service and Other Delights. ARES 2011, pages 555-560.
  4. Bauer, M., Meints, M., and Hansen, M. (2005). D3.1: Structured Overview on Prototypes and Concepts of Identity Management System. FIDIS.
  5. Bertino, E. and Takahashi, K. (2011). Identity Management: Concepts, Technologies, and Systems. Artech House.
  6. Birrell, E. and Schneider, F. (2013). Federated Identity Management Systems: A Privacy-based Characterization. IEEE Security and Privacy, 11(5):36-48.
  7. Cao, Y. and Yang, L. (2010). A survey of Identity Management technology. In IEEE ICITIS 2010, pages 287- 293. IEEE.
  8. Cloud Security Alliance (2011). Security Guidance for Critical Areas of Focus in Cloud Computing V3.0. CSA.
  9. Cox, P. (2012). How to Manage Identity in the Public Cloud. InformationWeek reports.
  10. Dabrowski, M. and Pacyna, P. (2008). Generic and Complete Three-Level Identity Management Model. In SECURWARE 2008, pages 232-237. IEEE.
  11. Dbrowski, M. and Pacyna, P. (2008). Overview of Identity Management. Technical report,
  12. Frommm, J. and Hoepner, P. (2011). The New German eID Card. In Fumy, W. and Paeschke, M., editors, Handbook of eID Security - Concepts, Practical Experiences, Technologies, pages 154-166. Publicis Publishing, Erlangen.
  13. Gopalakrishnan, A. (2009). Cloud Computing Identity Management. SETLabs Briefings, 7(7):45-55.
  14. Goulding, J. T. (2010). identity and Access Management for the Cloud : CAs Strategy and vision. Technical Report May, CA Technologies.
  15. Green, M. and Ateniese, G. (2007). Identity-Based Proxy Re-encryption. In ACNS 2007, volume 4521 of LNCS, pages 288-306. Springer.
  16. Huang, H. Y., Wang, B., Liu, X. X., and Xu, J. M. (2010). Identity Federation Broker for Service Cloud. ICSS 2010, pages 115-120.
  17. Jøsang, A., Fabre, J., Hay, B., Dalziel, J., and Pope, S. (2005). Trust Requirements in Identity Management. Proceedings of the 2005 Australasian workshop on Grid computing and e-research, pages 99-108.
  18. Jøsang, A. and Pope, S. (2005). User Centric Identity Management. AusCERT 2005.
  19. Jøsang, A., Zomai, M. A., and Suriadi, S. (2007). Usability and privacy in identity management architectures. In ACSW 7807, pages 143-152.
  20. Kaler, C. and McIntosh, M. (2009). Web Services Federation Language (WS-Federation) Version 1.2. OASIS Standard.
  21. Leitold, H., Hollosi, A., and Posch, R. (2002). Security architecture of the Austrian citizen card concept. In ACSAC 2002, pages 391-400.
  22. Linn, J., Boeyen, S., Ellison, G., Karhuluoma, N., Macgregor, W., Madsen, P., Sengodan, S., Shinkar, S., and Thompson, P. (2004). Trust Models Guidelines. Technical report, OASIS.
  23. Neuman, C., Yu, T., Hartman, S., and Raeburn, K. (2005). The Kerberos Network Authentication Service (V5). RFC 4120 (Proposed Standard).
  24. Nun˜ez, D., Agudo, I., and Lopez, J. (2013). Leveraging Privacy in Identity Management as a Service through Proxy Re-Encryption. In Zimmermann, W., editor, Proceedings of the PhD Symposium at the 2nd European Conference on Service-Oriented and Cloud Computing, pages 42-47.
  25. Nun˜ez, D., Agudo, I., and Lopez, J. (2012). Integrating OpenID with Proxy Re-Encryption to enhance privacy in cloud-based identity services. In IEEE CloudCom 2012, pages 241 - 248.
  26. Palfrey, J. and Gasser, U. (2007). CASE STUDY: Digital Identity Interoperability and eInnovation. Berkman Publication Series,.
  27. Pearson, S. and Benameur, A. (2010). Privacy, Security and Trust Issues Arising from Cloud Computing. In CloudCom 2010, pages 693-702. IEEE.
  28. Sen, J. (2013). Security and Privacy Issues in Cloud Computing. In Martínez, A. R., Marin-Lopez, R., and Pereniguez-Garcia, F., editors, Architectures and Protocols for Secure Information Technology Infrastructures, pages 1-45. IGI Global.
  29. Zissis, D. and Lekkas, D. (2012). Addressing cloud computing security issues. Future Generation Computer Systems, 28(3):583-592.
  30. Zwattendorfer, B. (2014). Towards a Privacy-Preserving Federated Identity as a Service Model. to appear.
  31. Zwattendorfer, B. and Slamanig, D. (2013a). On PrivacyPreserving Ways to Porting the Austrian eID System to the Public Cloud. In SEC 2013, AICT, pages 300- 314. Springer.
  32. Zwattendorfer, B. and Slamanig, D. (2013b). PrivacyPreserving Realization of the STORK Framework in the Public Cloud. In SECRYPT 2013, pages 419-426.
  33. Zwattendorfer, B., Stranacher, K., and Tauber, A. (2013). Towards a Federated Identity as a Service Model. In Egovis 2013, pages 43-57.

Paper Citation

in Harvard Style

Zwattendorfer B., Zefferer T. and Stranacher K. (2014). An Overview of Cloud Identity Management-Models . In Proceedings of the 10th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-023-9, pages 82-92. DOI: 10.5220/0004946400820092

in Bibtex Style

author={Bernd Zwattendorfer and Thomas Zefferer and Klaus Stranacher},
title={An Overview of Cloud Identity Management-Models},
booktitle={Proceedings of the 10th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},

in EndNote Style

JO - Proceedings of the 10th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - An Overview of Cloud Identity Management-Models
SN - 978-989-758-023-9
AU - Zwattendorfer B.
AU - Zefferer T.
AU - Stranacher K.
PY - 2014
SP - 82
EP - 92
DO - 10.5220/0004946400820092