Journal of Software (软件学报) 2013/24:12 PP.2897-2908
Being a vital constituent of cloud environment, the identity management and authentication of the system virtual machine is of great importance to cloud computing security. Multiple identity authorities exist in the large-scale, wide-distributed cloud environment and information regarding the authorities is publicly exposed in the current identity management and authentication scheme. Such deficiency of the scheme in the application of cloud environment poses the danger of revealing the organization and location of the users’ platforms, violating the nature of cloud environment, i.e. organization transparency and location i.e. This paper presents the issuer-anonymous attestation scheme which, without altering the level of authentication and creditability, protects the anonymity of the platforms and the privacy of the issuers in the process of identity certification, effectively preventing information revelation in accordance with the transparency and independence nature of cloud environment. Furthermore, the proposed scheme realizes the attestation of the attributes of the platforms independently, requiring no participation of the identity authorities, and therefore, excludes the possibility of conspiracy attack between the inspector and the identity authorities and enhances the practicability and security of the scheme.