Affiliations: [a] Faculty of Computers and Informatics, Zagazig University, Egypt
| [b] College of Computers and Information Sciences, Jouf University, Kingdom of Saudi Arabia
Abstract: Cloud computing is a cost-effective way for organizations to access and use IT resources. However, it also exposes data to security threats. Authentication and authorization are crucial components of access control that prevent unauthorized access to cloud services. Organizations are turning to identity management solutions to help IT administrators face and mitigate security concerns. Identity management (IDM) has been recognized as a more robust solution for validating and maintaining digital identities. Identity management (IDM) is a key security mechanism for cloud computing that helps to ensure that only authorized users have access to data and resources. Traditional IDM solutions are centralized and rely on a single authority to manage user identities, which makes them vulnerable to attack. However, existing identity management solutions need to be more secure and trustworthy. Blockchain technology can create a more secure and trustworthy cloud transaction environment. Purpose: This paper investigates the security and trustworthiness of existing identity management solutions in cloud computing. Comparative results: We compared 14 traditional IDM schemes in cloud systems to explore contributions and limitations. This paper also compared 17 centralized, decentralized, and federated IDM models to explain their functions, roles, performance, contribution, primary metrics, and target attacks. About 17 IDM models have also been compared to explore their efficiency, overhead consumption, effectiveness to malicious users, trustworthiness, throughput, and privacy. Major conclusions: Blockchain technology has the potential to make cloud transactions more secure and reliable. It featured strong authentication and authorization mechanisms based on smart contracts on the Ethereum platform. As a result, it is still regarded as a reliable and immutable solution for protecting data sharing between entities in peer-to-peer networks. However, there is still a large gap between the theoretical method and its practical application. This paper also helps other scholars in the field discover issues and solutions and make suggestions for future research.
Keywords: Cloud computing, identity management, blockchain, security-as-a-service, single-sign-on model
