In recent years, Cloud services have become an important part of people's lives, providing them with a large amount of IT resources, available from anywhere and at any time. The access to the services offered is controlled basing on users' identification credentials. As people acquire services from multiple cloud providers, in order to avoid the proliferation of identities associated to a single user, new cross-organization authentication methods, allowing the authorized transfer of users' identification data from one Cloud to another, are emerging. However, since most of these techniques do not protect adequately users' private information, attackers can easily intercept and tamper with confidential identity-related messages. In this paper, the authors use the characteristics of blind signatures to support user verification of the registering provider, to protect the user's identity, and to address known vulnerabilities in these systems. In addition, they use a strong designated verifier signature with message recovery characteristics to strengthen data communication security in the whole process.

• 出版日期2016-3
• 单位长春工业大学