Privacy and Identity

Management in Cloud
Rohit Ranchal, Bharat Bhargava, Pelin Angin, Noopur Singh,
Lotfi Ben Othmane, Leszek Lilien

Department of Computer Science

Purdue University, Western Michigan University
{rranchal, bbshail}@purdue.edu, [email protected]

Mark Linderman
[email protected]
Air Force Research Laboratory
Rome, NY, USA

This research was supported by AFRL Rome, USA and NGC

 Outline
Motivation
IdentityManagement (IDM)
Goals of Proposed User-Centric IDM
Mechanisms
Description of proposed solution
Advantages of the Proposed Scheme
Conclusion & Future Work
References
Questions?
 Motivation

User on
Amazon Cloud
• Name
• E-mail
• Password
• Billing Address • Name
• Shipping Address • Billing Address
• Credit Card • Credit Card
• Name
• E-mail
• Password
• Billing Address
• Shipping Address
• Credit Card
• Name
• E-mail
• Shipping Address

• Name
• E-mail
• Shipping Address
 Motivation

User on
Amazon Cloud

• Name
• Billing Address
• Credit Card
• Name
• E-mail
• Password
• Billing Address
• Shipping Address
• Credit Card
 Identity Management (IDM)
 IDM in traditional application-centric IDM model
◦ Each service keeps track of identifying information of its users.
 Existing IDM Systems
◦ Microsoft Windows CardSpace [W. A. Alrodhan]
◦ OpenID [http://openid.net]
◦ PRIME [S. F. Hubner, Karlstad Univ]

These systems require a trusted third party and do not work on

an untrusted host.

If Trusted Third Party is compromised, all the identifying information

of the users is also compromised leading to serious problems like
Identity Theft.
[Latest: AT&T iPad leak]
leak
 IDM in Cloud Computing
Cloud introduces several issues for IDM
◦ Collusion between Cloud Services
 Users have multiple accounts associated with multiple service
providers.
 Sharing sensitive identity information among services can lead to
undesirable mapping of the identities to the user.
◦ Lack of trust
 Cloud hosts are untrusted
 Use of Trusted Third Party is not an option
◦ Loss of control
 Service-centric IDM Model

IDM in Cloud needs to be user-centric

Goals of Proposed User-Centric IDM for
the Cloud
1. Authenticate without disclosing
identifying information
2. Ability to securely use a service while on
an untrusted host (VM on the cloud)
3. Minimal disclosure and minimized risk of
disclosure during communication between
user and service provider (Man in
the Middle, Side Channel and Correlation
Attacks)
4. Independence from Trusted Third Party
for identity information
 Mechanisms in Proposed IDM

Active Bundle [L. Othmane, R. Ranchal]

Anonymous Identification [A. Shamir]
Computing Predicates with encrypted data [E. Shi]
Multi-Party Computing [A. Shamir]
Selective Disclosure [B. Laurie]
 Active Bundle
• Active bundle (AB)
AB
– An encapsulating mechanism protecting data carried within
it
– Includes data
– Includes metadata used for managing confidentiality
• Both privacy of data and privacy of the whole AB
– Includes Virtual Machine (VM)
• performing a set of operations
• protecting its confidentiality
• Active Bundles—Operations
– Self-Integrity check
E.g., Uses a hash function
– Evaporation/ Filtering
Self-destroys (a part of) AB’s sensitive data when threatened with a disclosure
– Apoptosis
Self-destructs AB’s completely
 Active Bundle Scheme
– Metadata:
• Access control policies
• Data integrity checks
• Dissemination policies
• Life duration
• ID of a trust server
• E(Name)
• ID of a security server
• E(E-mail) • App-dependent information
• E(Password)
• E(Shipping Address)
• …
• E(Billing Address)
•
•
E(Credit Card) – Sensitive Data:
…
• Identity Information
• ...

– Virtual Machine (algorithm):

• Interprets metadata
• Checks active bundle integrity
• Enforces access and
dissemination control policies
• …
* E( ) - Encrypted Information
 Anonymous Identification
• Use of Zero-knowledge proofing for user
authentication without disclosing its identifier.

User on Amazon
Cloud ZKP Interactive Protocol

User Request for service

Function f and number k

1. E-mail
fk(E-mail, Password) = R 2. Password
1. E-mail Authenticated
2. Password
Interaction using Active Bundle
AB information
disclosure
Active Bundle Destination

User Application
Active Bundle
Active Bundle Active
Creator Bundle (AB)

Security Services Audit Services

Agent (SSA) Agent (ASA)

Directory
Facilitator

Trust Evaluation
Active Bundle Coordinator Agent (TEA)

Active Bundle Services

 Predicate over Encrypted Data
• Verification without disclosing unencrypted identity data.

Predicate Request*

• E-mail
• E(Name)
• Password
• E(Billing Address)
• E(Name)
• E(Credit Card)
• E(Shipping Address)
• E(Billing Address)
• E(Credit Card)

*Age Verification Request

*Credit Card Verification Request
 Multi-Party Computing
• To become independent of a trusted third party
• Multiple Services hold shares of the secret key
• Minimize the risk

Predicate Request

• E(Name)
• E(Billing Address)
• E(Credit Card)

K ’1 K ’2 K ’3 K ’n

Key Management Services

* Decryption of information is handled by the Key Management services

 Multi-Party Computing
• To become independent of a trusted third party
• Multiple Services hold shares of the secret key
• Minimize the risk

Predicate Reply*

• Name
• Billing Address
• Credit Card

K ’1 K ’2 K ’3 K ’n

Key Management Services

*Age Verified
*Credit Card Verified
 Selective Disclosure
• User Policies in the Active Bundle dictate dissemination

Selective disclosure*

• E-mail • E-mail
• Password • E(Name)
• E(Name) • E(Shipping Address)
• E(Shipping Address)
• E(Billing Address)
• E(Credit Card)

*e-bay shares the encrypted information based on the user policy

 Selective Disclosure

Selective disclosure*

• E-mail • E(Name)
• E(Name) • E(Shipping Address)
• E(Shipping Address)

*e-bay seller shares the encrypted information based on the user policy
 Selective Disclosure

Selective disclosure

• E-mail • Name
• E(Name) • Shipping Address
• E(Shipping Address)

• Decryption handled by Multi-Party Computing as in the previous slides

 Selective Disclosure

Selective disclosure

• E-mail • Name
• E(Name) • Shipping Address
• E(Shipping Address)

• Fed-Ex can now send the package to the user

 Identity revealed in the Cloud

User on Amazon
Cloud
• E-mail
• Password

• Name
• Billing Address
• Credit Card
• Name
• E-mail
• Password
• Billing Address
• Shipping Address
• Credit Card
• E-mail

• Name
• Shipping Address
Characteristics and Advantages
 Ability to use Identity data on untrusted hosts
• Self Integrity Check

• Integrity compromised- apoptosis or evaporation

• Data should not be on this host
 Establishes the trust of users in IDM
◦ Through putting the user in control of who has his data and
how is is used
◦ Identity is being used in the process of authentication,
negotiation, and data exchange.
 Independent of Third Party for Identity Information
◦ Minimizes correlation attacks
 Minimal disclosure to the SP
◦ SP receives only necessary information.
 Conclusion & Future Work
Problems with IDM in Cloud Computing
◦ Collusion of Identity Information
◦ Prohibited Untrusted Hosts
◦ Usage of Trusted Third Party
Proposed Approaches
◦ IDM based on Anonymous Identification
◦ IDM based on Predicate over Encrypted data
◦ IDM based on Multi-Party Computing
Future work
◦ Develop the prototype, conduct experiments and
evaluate the approach
 References
[1] C. Sample and D. Kelley. Cloud Computing Security: Routing and DNS Threats,
http://www.securitycurve.com/wordpress/, June 23,2009.
[2] W. A. Alrodhan and C. J. Mitchell. Improving the Security of CardSpace, EURASIP Journal on
Information Security Vol. 2009, doi:10.1155/2009/167216, 2009.
[3] OPENID, http://openid.net/, 2010.
[4] S. F. Hubner. HCI work in PRIME, https://www.prime-project.eu/, 2008.
[5] A. Gopalakrishnan, Cloud Computing Identity Management, SETLabsBriefings, Vol7,
http://www.infosys.com/research/, 2009.
[6] A. Barth, A. Datta, J. Mitchell and H. Nissenbaum. Privacy and Contextual Integrity: Framework
and Applications, Proc. of the 2006 IEEE Symposium on Security and Privacy, 184-198.
[7] L. Othmane, Active Bundles for Protecting Confidentiality of Sensitive Data throughout Their
Lifecycle, PhD Thesis, Western Michigan Univ, 2010.
[8] A. Fiat and A. Shamir, How to prove yourself: Practical Solutions to Identification and Signature
Problems, CRYPTO, 1986.
[9] A. Shamir, How to Share a Secret, Communications of the ACM, 1979.
[10] M. Ben-Or, S. Goldwasser and A. Wigderson, Completeness theorems for non-cryptographic
fault-tolerant distributed computation, ACM Symposium on Theory of Computing, 1988.
[11] E. Shi, Evaluating Predicates over Encrypted Data, PhD Thesis, CMU, 2008.
 Thank you!

Any question?
 Approach - 1
 IDM Wallet:
◦ Use of AB scheme to protect PII from untrusted
hosts.

 Anonymous Identification:
◦ Use of Zero-knowledge proofing for authentication
of an entity without disclosing its identifier.
 Components of Active Bundle
(Approach – 1)
 Identity data: Data used during authentication,
getting service, using service (i.e. SSN, Date of
Birth).
 Disclosure policy: A set of rules for choosing
Identity data from a set of identities in IDM
Wallet.
 Disclosure history: Used for logging and
auditing purposes.
 Negotiation policy: This is Anonymous
Identification, based on the Zero Knowledge
Proofing.
 Virtual Machine: Code for protecting data on
untrusted hosts. It enforces the disclosure
policies.
 Anonymous Identification (Approach –
1)

Anonymous Identification
(Shamir's approach for Credit Cards)
 IdP provides Encrypted Identity
Information to the user and SP.
 SP and User interact
 Both run IdP's public function on the
certain bits of the Encrypted data.
 Both exchange results and agree if it
matches.
Usage Scenario (Approach – 1)
 Approach - 2
 Active Bundle scheme to protect PII from
untrusted hosts
 Predicates over encrypted data to
authenticate without disclosing
unencrypted identity data.
 Multi-party computing to be independent
of a trusted third party
Usage Scenario (Approach – 2)
 Owner O encrypts Identity Data(PII) using
algorithm Encrypt and O’s public key PK.
Encrypt outputs CT—the encrypted PII.
 SP transforms his request for PII to a predicate
represented by function p.
 SP sends shares of p to the n parties who hold the
shares of MSK.
 n parties execute together KeyGen using PK,
MSK, and p, and return TKp to SP.
 SP calls the algorithm Query that takes as input
PK, CT, TKp and produces p(PII) which is the
evaluation of the predicate.
 The owner O is allowed to use the service only
when the predicate evaluates to “true”.
Representation of identity
information for negotiation
Token/Pseudonym
Identity Information in clear plain text
Active Bundle
 Motivation:
Authentication Process using PII

Problem: Which information to disclose and how to

disclose it.