Open Access Open Access  Restricted Access Subscription or Fee Access

Improving Authentication and Authorization for Identity Based Cloud Environment Using OAUTH with Fuzzy Based Blowfish Algorithm

(*) Corresponding author

Authors' affiliations



Cloud computing involves group of remote servers, software, networks, centralized storage, which allows different number of online services and resources to virtualized business environment, individual users and educational institutions. But the main challenges are security between the user information, trust between the user and service provider.  In business environment, Private Cloud Model (PCM) provides tight security of the application data even though in cloud, security issues such as authorization, confidentiality still exist. Therefore, the paper focuses on security, authentication and authorization using OAuth protocol. OAuth protocol authorizes the user while accessing the data from one application via another application for managing identities. OAuth HTTP based protocol is used for authorization and security is implemented using Fuzzy based blowfish encryption algorithm (FBFE). In OAuth, authorization is granted in four different ways like authorization code, implicit, resource owner password credential and client credential. OAuth establishes authorization between application and API user using token and redirect URI.
Copyright © 2015 Praise Worthy Prize - All rights reserved.


Authorization; Client Credential; Fuzzy based Blowfish Algorithm; HTTP; OAuth Private Cloud Model; Resource Owner Credential

Full Text:



Puja Dhar, “Cloud computing and its applications in the world of networking”, International Journal of Computer Science Issues, Vol. 9, Issue 1, No 2, January 2012.

Teruko Miyata, Yuzo Koga, Paul Madsen,” A Survey on Identity Management Protocols and Standards,” IEICE Transactions on Information and Systems archive, Volume E89-D Issue 1, January 2006.

OAuth 2.0 Tutorial, Retrieved from

Rachna Arora, Anshu Parashar,” Secure User Data in Cloud Computing Using Encryption Algorithms”, International Journal of Engineering Research and Applications (IJERA), Vol. 3, Issue 4, pp.1922-1926, Jul-Aug 2013.

Jeong-Kyung Moon. A, Hwang-Rae Kim.B and Jin-Mook Kim,” Privilege Management System in Cloud Computing using OAuth”, International Journal of Security and Its Applications, Vol 8., No.13, page no 221-234, 2014.

Kevin Gibbons, John O Raw, Kevin Curran,” Security Evaluation of the OAuth 2.0 Framework”, Information Management and Computer Security, Vol. 22, No. 3, December 2014

Maithily B, Swathi Y,” Securing Brooker-less Publish/Subscribe System using Fuzzy Identity-Based Encryption”, International Journal of Computer Science and Information Technologies, Vol. 6 (3) , 2015, 2823-2826.

Anuchart Tassanaviboon, Guang Gong,” OAuth and ABE based Authorization in Semi-Trusted Cloud Computing”, DataCloud-SC Proceedings of the second international workshop on Data intensive computing in the clouds,Pages 41-50,2011.

Nikos Fotiou, Apostolis Machas, George C Polyzos and George Xylomenos,” Access control as a service for the Cloud”, Journal of Internet Services and Applications 2015.

Shasha Zhu, Guang Gong,” Fuzzy Authorization for Cloud Storage”, IEEE Transactions on Cloud Computing, no. 1, 2013.

Feng Yang,” A security analysis of the OAuth protocol”, IEEE Pacific Rim Conference on Communications, Computers and Signal Processing (PACRIM), 2013.

Oracle® Fusion Middleware Part 22. OAuth, Retrieved from

Khan RH, Ylitalo J, Ahmed AS (2011) OpenID authentication as a service in OpenStack. In: Proc. of the 7th International Conference on Information Assurance and Security. IEEE. Page no 372–377. (doi://10.1109/ISIAS.2011.6122782)

Maulik P. Chaudhari, Neha Parmar, “Blowfish Algorithm by Modify Randomness for SBoxes using Fuzzy Value and Apply Encryption or Decryption on Image”, International Journal of Science and Research (IJSR), Volume 3 Issue 6, June 2014.

Ravindu Madanayake, Nikila Peiris, Gayan Ranaweera and Uthpala Jayathilake, “Advanced Encryption Algorithm Using Fuzzy Logic”, 2012 International Conference on Information and Computer Networks (ICICN 2012), IPCSIT vol. 27 (2012).

Rasib Khan and Ragib Hasan, “Fuzzy Authentication using Interaction Provenance in Service Oriented Computing”, 12th IEEE International Conference on Services Computing (SCC), New York, USA, June 2015

Er. Gurleen Kaur, Er. Deepak Aggarwal,” A Survey Paper on Social Sign-On Protocol OAuth 2.0” Journal of Engineering, Computers & Applied Sciences, Volume 2, No.6, June 2013.


  • There are currently no refbacks.

Please send any question about this web site to
Copyright © 2005-2023 Praise Worthy Prize