Privacy in Cloud Computing Through Identity Management

Abstract: The migration of web applications to Cloud computing platform has raised concerns about the privacy of sensitive data belonging to the consumers of cloud services. The traditional form of security tokens like username/password used to access cloud services are prone to phishing attacks and hence do not provide complete security. In this work we propose to extend the Microsoft's CardSpace identity management tool, to include more robust security tokens using the zero knowledge proof concept. These security tokens are in the form of SAML token supported by Windows Communication Foundation (WCF) and hence can prove interoperable with the existing security platforms.