Multi-cloud identity security utilizing Self-Sovereign Identity

Author

Morgan Lee Reece, Mississippi State UniversityFollow

ORCID

https://orcid.org/0009-0008-1970-432X

Issuing Body

Mississippi State University

Advisor

Mittal, Sudip

Committee Member

Rastogi, Nidhi

Committee Member

Trawick, George

Committee Member

Torri, Stephen

Date of Degree

12-13-2024

Original embargo terms

Worldwide

Document Type

Dissertation - Open Access

Major

Computer Science

Degree Name

Doctor of Philosophy (Ph.D.)

College

James Worth Bagley College of Engineering

Department

Department of Computer Science and Engineering

Abstract

With the increasing use of multi-cloud environments, security professionals face challenges in configuration, management, and integration due to uneven security capabilities and features among providers. As a result, a fragmented approach toward security has been observed, leading to new attack vectors and potential vulnerabilities. Other research has focused on single-cloud platforms or specific applications of multi-cloud environments. Therefore, there is a need for a holistic security and vulnerability assessment and defense strategy that applies to multi-cloud platforms. This dissertation explores risk and vulnerability analysis to identify attack vectors from software, hardware, and the network, as well as interoperability security issues in multi-cloud environments. Applying the STRIDE and DREAD threat modeling methods, we present an analysis of the ecosystem across six attack vectors: cloud architecture, APIs, authentication, automation, management differences, and cybersecurity legislation. Addressing the authentication vulnerability in the multi-cloud architecture, Self-Sovereign Identity provides protection from attacks against the identity and authentication systems. Self-Sovereign Identity (SSI) is projected to become part of every person’s life in some form. The ability to verify and authenticate that an individual is the actual person they are purported to be along with securing the personal attributes could have wide spread implications when engaging with third party organizations. Utilizing blockchains and other decentralized technologies, SSI is a growing area of research. The aspect of securing personal information within a decentralized structure has possible benefits to the public and private sectors.

Recommended Citation

Reece, Morgan Lee, "Multi-cloud identity security utilizing Self-Sovereign Identity" (2024). Theses and Dissertations. 6417.
https://scholarsjunction.msstate.edu/td/6417