دانلود رایگان مقاله ارزیابی شکست امنیتی SSO در سرویسهای ابری

عنوان فارسی
ارزیابی شکست امنیتی SSO در سرویسهای ابری
عنوان انگلیسی
Evaluating single sign-on security failure in cloud services
صفحات مقاله فارسی
0
صفحات مقاله انگلیسی
10
سال انتشار
2016
نشریه
الزویر - Elsevier
فرمت مقاله انگلیسی
PDF
کد محصول
E4739
رشته های مرتبط با این مقاله
مهندسی فناوری اطلاعات
مجله
افق های تجارت - Business Horizons
دانشگاه
ارزیابی نقطه ورود واحد در سيستم های يكپارچه امنیتی در سرویس های ابری
کلمات کلیدی
خدمات ابر؛ امنیت اینترنت؛ رفتار کاربر؛ SSO؛ شکست امنیتی دستگاه
۰.۰ (بدون امتیاز)
امتیاز دهید
چکیده

Abstract


Business use of cloud computing services is motivated by ease of use and potential financial cost reductions. Service failure may occur when the service provider does not protect information or when the use of the services becomes overly complex and difficult. The benefits of cloud computing also bring optimization challenges for the information owners who must assess service security risks and the degree to which new human behaviors are required. In this research, we look at the risk of identity theft when ease of service access is provided through a single sign-on (SSO) authorization, asking: What are the optimal behavioral expectations for a cloud service information owner? Federated identity management provides well-developed design literature on strategies for optimizing human behaviors in relation to the new technologies. We briefly review the literature and then propose a working solution that optimizes the trade-off between disclosure risk, human user risk, and service security.

نتیجه گیری

8. Conclusion


In this research we set out to answer the question: What are the optimal behavioral expectations for a cloud service information owner? We assumed that there are many users but that some users hold a rightful ownership responsibility for the information transacted in a cloud. We have also assumed that human behavior fits the five properties in the cited usability literature and therefore expectations can be established in relation to the criteria. Other parties involved with the cloud transaction of information are custodians and as such they hold other expectations. Together the parties must trust one another within the designated roles of the system and perform as expected. All parties must expect to negotiate and give up some of their maximum requirements to gain a satisfying user experience. Behavior and protection from failure is optimized in such a negotiated situation.


بدون دیدگاه