Formulating Methodology to Build a Trust Framework for Cloud Identity Management

The vital element in outsourcing data to the cloud is trust and trustworthiness that information is protected, unaltered and available on demand. To facilitate service expectations efficient and effective infra-structures are required to host the functional processes. A security process is identity management that provides authorization for access rights based on verification checks. In this paper cloud security architecture is reviewed by focusing on the issue of trust and the role of identity management design. Methodology is built to produce cloud artefacts and then it is theoretically applied to produce an innovative solution to assess cloud identity providers (CIdP). A design solution lays out an information security architecture that enhances utility for CIdPs and gives better options for users to make trust decisions in the cloud. The contribution of the research is to provide a generic methodology that may be applied to evaluate other security artefacts for the cloud environment

Improving privacy in identity management systems for health care scenarios

Privacy is a very complex and subjective concept with different meaning to different people. The meaning depends on the context. Moreover, privacy is close to the user information and thus, present in any ubiquitous computing scenario. In the context of identity management (IdM), privacy is gaining more importance since IdM systems deal with services that requires sharing attributes belonging to users’ identity with different entities across domains. Consequently, privacy is a fundamental aspect to be addressed by IdM to protect the exchange of user attributes between services and identity providers across different networks and security domains in pervasive computing. However, problems such as the effective revocation consent, have not been fully addressed. Furthermore, privacy depends heavily on users and applications requiring some degree of flexibility. This paper analyzes the main current identity models, as well as the privacy support presented by the identity management frameworks. After the main limitations are identified, we propose a delegation protocol for the SAML standard in order to enhance the revocation consent within healthcare scenarios.Proyecto CCG10-UC3M/TIC-4992 de la Comunidad Autónoma de Madrid y la Universidad Carlos III de Madri

Me, Myself and I: Aggregated and Disaggregated Identities on Social Networking Services

In this article I explore some of the legal issues arising from the transformation of SNS operators to providers of digital identity. I consider the implications of the involvement of private sector entities in the field of identity management and discuss some of the privacy implications, as well as the prospects for conciliation between online anonymity and pseudonymity, on the one hand, and the need for identifiability and accountability on the other hand.

The myExperiment Open Repository for Scientific Workflows

4th International Conference on Open RepositoriesThis presentation was part of the session : Conference PresentationsDate: 2009-05-19 10:00 AM – 11:30 AMmyExperiment is an open repository solution for the born-digital items arising in contemporary research practice, in particular scientific workflows and experiment plans. Launched in November 2007, the public repository (myexperiment.org) has established a significant collection of scientific workflows, spanning multiple disciplines and multiple workflow systems, which has been accessed by over 16,000 users worldwide. Built according to Web 2.0 design principles, myExperiment demonstrates the success of blending modern social curation methods with the demands of researchers sharing hard-won intellectual assets and research works within a scholarly communication lifecycle. myExperiment is an important component in the revolution in creating, sharing and publishing scientific results, and has already established itself as a valuable and unique repository with a growing international presence.JISC; EPSRC; Microsoft Corporatio

Summary

20090506_fidis_D3.12 final 1.0.od

LegitimID: A federative digital identity system for strong authentication

The growing use of online services advocated the emergence of digital identity as a mechanism of data security and personal information protection that can increase the trust among online users and applications. This paper introduces a new security system developed around the digital identity concept, implemented using a federative multifactor strong authentication framework and tested in an authentic online educational setting to accomplish the complete life cycle of business privacy. System performance evaluated on a sample of 108 students revealed an excellent acceptance and confidence among the users