Design and Application of NFC-Based Identity and Access Management in Cloud Services
In response to a changing world and the fast growth of the Internet, more and more enterprises are replacing web-based services with cloud-based ones. Multi-tenancy technology is becoming more important, especially with Software as a Service (SaaS). This in turn leads to a greater focus on the application of Identity and Access Management (IAM). Conventional Near-Field Communication (NFC) based verification relies on a computer browser and a card reader to access an NFC tag. This type of verification does not support mobile device login or user-based access management functions. This study designs an NFC-based third-party cloud identity and access management scheme (NFC-IAM) that addresses this shortcoming. Data from simulation tests analyzed with Key Performance Indicators (KPIs) suggest that the NFC-IAM not only takes less time for identity identification but also cuts two-factor authentication time by 80% and improves verification accuracy to 99.9% or better. In functional performance analyses, NFC-IAM performed better in salability and portability. The NFC-IAM App (application software) and back-end system, to be developed and deployed on mobile devices, are to support IAM features and also offer users a more user-friendly experience and stronger security protection. In the future, our NFC-IAM can be employed in different environments, including identification for mobile payment systems and permission management for remote equipment monitoring, among other applications.
Digital Object Identifier (DOI): doi.org/10.5281/zenodo.1129545