# An Approach to Identity Management in Clouds without Trusted Third   Parties

**Authors:** Akram Sarhan, Leszek Lilien

arXiv: 1904.00880 · 2019-04-02

## TL;DR

This paper proposes a robust, privacy-preserving identity management scheme for cloud computing that eliminates the need for trusted third parties by combining RSA distributed key generation and attribute-based encryption, ensuring security and efficiency.

## Contribution

It introduces a novel IDM scheme that is TTP-free, combining RSA distributed key generation with attribute-based encryption for enhanced security and privacy in cloud environments.

## Key findings

- Protects sensitive data on untrusted hosts using active bundle
- Supports single sign-on to minimize authentication overhead
- Enables revocation and delegation of access rights

## Abstract

The management of sensitive data, including identity management (IDM), is an important problem in cloud computing, fundamental for authentication and fine-grained service access control. Our goal is creating an efficient and robust IDM solution that addresses critical issues in cloud computing. The proposed IDM scheme does not rely on trusted third parties (TTPs) or trusted dealers. The scheme is a multiparty interactive solution that combines RSA distributed key generation and attribute-based encryption. We believe that it will be a robust IDM privacy-preserving solution in cloud computing, because it has the following features: (i) protects sensitive data on untrusted hosts using active bundle; (ii) supports the minimum disclosure property; (iii) minimizes authentication overhead by providing single sign-on; (iv) supports authentication with encrypted credentials; (v) avoids using trusted third parties (TTPs_, incl. using TTPs for key management; (vi) supports revocation and delegation of access right; and (vii) supports revocation of user credentials. The scheme should also be efficient because it exploits parallelism.

---
Source: https://tomesphere.com/paper/1904.00880