Design and Application of NFC-Based Identity and Access Management in Cloud Services

Authors: Shin-Jer Yang, Kai-Tai Yang

Abstract:

In response to a changing world and the fast growth of the Internet, more and more enterprises are replacing web-based services with cloud-based ones. Multi-tenancy technology is becoming more important, especially with Software as a Service (SaaS). This in turn leads to a greater focus on the application of Identity and Access Management (IAM). Conventional Near-Field Communication (NFC) based verification relies on a computer browser and a card reader to access an NFC tag. This type of verification does not support mobile device login or user-based access management functions. This study designs an NFC-based third-party cloud identity and access management scheme (NFC-IAM) to address this shortcoming. Data from simulation tests analyzed with Key Performance Indicators (KPIs) suggest that NFC-IAM not only takes less time for identity identification but also cuts the time for two-factor authentication by 80% and improves verification accuracy to 99.9% or better. In functional performance analyses, NFC-IAM performed better in scalability and portability. The NFC-IAM App (Application Software) and back-end system, to be developed and deployed on mobile devices, are to support IAM features and offer users a more user-friendly experience and stronger security protection. In the future, NFC-IAM can be employed in different environments, including identification for mobile payment systems and permission management for remote equipment monitoring, among other applications.

Keywords: Cloud service, multi-tenancy, NFC, IAM, mobile device.

Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1129545

