With the rapid development of computer technology and the Internet, cloud computing has emerged as a new computing model and is now widely used in many fields, and IT companies around the world have developed and released their own cloud strategies. The further development of cloud computing, however, brings new shocks and challenges to the field of security. Large numbers of users store their private data in the cloud, and once a user identity can be faked, that private data leaks. Proposing a secure authentication scheme that strengthens the security of cloud computing environments is therefore urgent.

Traditional identity authentication can only verify the person; it cannot establish that the platform the person is using is trustworthy, and traditional software-based encryption of private data is easy to break. This paper therefore proposes a scheme for identity authentication and private data protection in cloud computing based on the TCM (Trusted Cryptography Module). In this scheme a TCM is installed on the user's host computer, on the Trust Server and on the Cloud Manager, so that each platform can attest to its own trustworthiness and a key pair held inside the TCM can protect private data. By making use of the TCM's encryption and identity authentication functions, the scheme provides an identity authentication method with a higher level of security, which effectively prevents third-party impersonation attacks and phishing. To prevent users' registration information from being stolen and misused, a Trust Server is introduced to verify the registration information and then manage and store it. A private virtual machine is created for every user to protect and isolate that user's data (computing data, storage data, etc.).

This paper analyses the data security problems faced by cloud computing and summarizes the current state of authentication technology. It introduces cryptography, trusted computing, the trusted computing cryptographic support platform, virtualization technology and other related content. After analysing the defects of the existing authentication schemes, it proposes a scheme for identity authentication and private data protection based on the TCM. The scheme is built from several functional modules, and four key stages of the authentication process are described in detail: registration of user identity information, applying for and accessing cloud services, user identity authentication, and applying for and accessing cloud services again. The security of the identity authentication scheme is then analysed in detail, and the scheme is compared with the identity authentication technologies currently used in cloud computing (OpenID single sign-on and PKI-based federated identity authentication). Finally, two specific scenarios that use the identity authentication scheme are analysed and described, and the benefits of the scheme in those two scenarios are outlined.
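The abstract summarizes the mechanism at a high level: a TCM on the user's host lets the platform attest to its trustworthiness, and the Trust Server decides, before the user is allowed to apply for cloud services, whether to believe it. The Go program below is an illustration added here and is not code from the thesis or its scheme. It shows the shape of the challenge-response attestation such a scheme rests on, with both sides modelled in one process: the host's TCM holds an attestation private key and a PCR-style measurement register, the Trust Server records the key and the known-good measurement at the registration stage, and every later quote must carry a fresh nonce, verify under the registered key, and report the registered measurement. Everything in it is an assumption made for the example: ECDSA P-256 and SHA-256 stand in for the SM2 and SM3 algorithms a real TCM uses, the Quote layout and the domain-separation tag are invented, a single register and in-memory tables replace the module's and server's real state, and the thesis's four-stage protocol and its TCM-key protection of private data are not reproduced.

```go
package main

import (
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"errors"
)

// Quote is what the host's TCM returns to the verifier (layout assumed for this example).
type Quote struct {
	Nonce       []byte   // the verifier's challenge, echoed back
	Measurement [32]byte // the platform state the TCM vouches for
	Signature   []byte   // attestation-key signature over both
}

// TCM models the user host's module: a private attestation key and a PCR-style register.
type TCM struct {
	attestKey   *ecdsa.PrivateKey // never leaves the module
	measurement [32]byte          // extended with each component loaded at boot
}

func NewTCM() (*TCM, error) {
	key, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader) // P-256 stands in for SM2
	if err != nil {
		return nil, err
	}
	return &TCM{attestKey: key}, nil
}

// PublicKey is what the host registers with the Trust Server at the registration stage.
func (t *TCM) PublicKey() *ecdsa.PublicKey { return &t.attestKey.PublicKey }
// Extend sets the register to H(old || H(component)); load order matters.
func (t *TCM) Extend(component []byte) {
	d := sha256.Sum256(component)
	t.measurement = sha256.Sum256(append(t.measurement[:], d[:]...))
}

// quoteDigest binds nonce and measurement under a fixed tag (SHA-256 stands in for SM3).
func quoteDigest(nonce []byte, m [32]byte) []byte {
	d := sha256.Sum256(append(append([]byte("tcm-quote-v1"), nonce...), m[:]...))
	return d[:]
}
// Quote signs the digest with the attestation key (ECDSA stands in for SM2).
func (t *TCM) Quote(nonce []byte) (Quote, error) {
	sig, err := ecdsa.SignASN1(rand.Reader, t.attestKey, quoteDigest(nonce, t.measurement))
	if err != nil {
		return Quote{}, err
	}
	return Quote{Nonce: nonce, Measurement: t.measurement, Signature: sig}, nil
}

var ErrReplay = errors.New("nonce not issued or already consumed")
var ErrBadSignature = errors.New("quote not signed by the TCM registered for this user")
var ErrBadMeasurement = errors.New("measurement differs from the registered value")

// TrustServer keeps each user's attestation key and known-good measurement, plus the
// nonces it has issued and not yet seen come back.
type TrustServer struct {
	pubs   map[string]*ecdsa.PublicKey
	golden map[string][32]byte
	issued map[string]bool
}

func NewTrustServer() *TrustServer {
	return &TrustServer{pubs: map[string]*ecdsa.PublicKey{}, golden: map[string][32]byte{}, issued: map[string]bool{}}
}
// Register binds the user's identity to one platform: its key and its known-good measurement.
func (s *TrustServer) Register(user string, pub *ecdsa.PublicKey, golden [32]byte) {
	s.pubs[user], s.golden[user] = pub, golden
}

// Challenge issues a fresh random nonce that the next quote must carry back.
func (s *TrustServer) Challenge() ([]byte, error) {
	nonce := make([]byte, 16)
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	s.issued[string(nonce)] = true
	return nonce, nil
}

// Verify accepts a quote only if the nonce was issued and unused (no replay), the signature
// checks under this user's registered key (no impersonation), and the measurement is known-good.
func (s *TrustServer) Verify(user string, q Quote) error {
	if !s.issued[string(q.Nonce)] {
		return ErrReplay
	}
	delete(s.issued, string(q.Nonce)) // single use, whatever the outcome below
	pub := s.pubs[user]               // nil for an unknown user: nothing to verify under
	if pub == nil || !ecdsa.VerifyASN1(pub, quoteDigest(q.Nonce, q.Measurement), q.Signature) {
		return ErrBadSignature
	}
	if q.Measurement != s.golden[user] {
		return ErrBadMeasurement
	}
	return nil
}
```

The three checks in Verify map onto the three threats the abstract names: the single-use nonce defeats replay of an old quote, the registered public key defeats a third party who impersonates the user from another machine (and also catches a quote whose measurement was rewritten in transit, since the signature no longer matches), and the measurement comparison catches a genuine TCM on a platform that was altered after registration, which a user-only authentication such as a password cannot detect. In the thesis the Trust Server and Cloud Manager carry a TCM as well and would attest to the host in the same way; that mutual direction, and the use of the TCM key pair to seal the user's private data, are left out here.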