From: Cloud identity management security issues & solutions: a taxonomy
Features | Mechanism | Mitigated attacks |
---|---|---|
 | Something You Know (OTP & CR) | A2, A5, A6, A7, A10, A11, A12 |
Authentication | Something You Have (Tokens) | A5, A14 |
 | Something You Are (Biometrics) | A1, A4, A5, A12 |
 | Access Control Policies | A3, A6, A13 |
Authorization | OAuth | A5, A6, A7, A8, A10, A11 |
 | Access Right Delegation | A3, A6 |
 | Smart-card (Encryption) | A5, A12 |
Identity | Multiple IdPIdP s and CSPCSP s | A7, A8, A13, A14 |
federation | Hierarchical Storage | A6, A7, A8 |
 | Distributed Computation | A15 |
 | Proxy-systems | A8 |
 | User-roles | A6 |
Privacy | Pseudonyms | A8, A10 |
 | Encryption | A5, A7, A8, A10, A14, A15 |
 | Limited Disclosure | A6, A7, A8 |
User-centricity | Consistet Experience | A9, A10 |
 | Data Disclosures Policies | A3, A6, A9, A13 |
Audit & Logging | Activity Monitoring | A1, A4, A12 |
 | History Maintenance | A9, A12 |