An Approach in the Design of Common Authentication Solution for a Multi-Platform Cloud Environment

Primož Cigoj, Borka Jerman Blažič, Tomaž Klobučar

2015

Abstract

The security provision within multi-platform cloud computing environment is still considered not to be properly solved due to different problems with technical and human-based origin. This paper presents an attempt to provide an authentication and authorization solution based on the single sign-on (SSO) approach for cloud service users and administrators in a multi-platform environment. The problem of authentication in cloud services is briefly introduced and the approach implemented for cloud environment with two different proprietary (VMware) and open source (OpenStack) platforms is described.

References

  1. Abdo, J. B., Demerjian, J., Chaouchi, H., Barbar, K., & Pujolle, G. (2013). Broker-Based Cross-Cloud Federation Manager. In Internet Technology and Secured Transactions (ICITST), 2013 8th International Conference for (pp. 244-251). IEEE.
  2. Andronache I., Nisipasiu C., 2011. Web single sign-on implementation using the simpleSAMLphp application. Journal of Mobile, Embedded and Distributed Systems. 3(1):21-9.
  3. Cantor S., Kemp I.J., Philpott N.R., Maler E., 2005. Assertions and protocols for the oasis security assertion markup language. OASIS Standard.
  4. Cigoj P., 2014. Cloud computing security and identity management in the OpenStack platform. Ljubljana: Jožef Stefan International Postgraduate School.
  5. Cruz Zapata, B., Fernández-Alemán, J.L., & Toval, A. (2014). Security in Cloud Computing: a Mapping Study. Computer Science and Information Systems 12(1):161-184.
  6. Ferg B., Fitzpatrick B., Howells C., Recordon D., Hardt D., Reed D., et al. 2007. OpenID authentication 2.0.
  7. Fernandes, D.A.B., Soares, L.F.B, Gomes, J.V., Freire, M.M., & Inácio, P.R.M., 2014. Security issues in cloud environments: a survey. International Journal of Information Security, vol. 13, iss. 2, pp. 113-170.
  8. Ferraiolo D.F., Sandhu R., Gavrila S., Kuhn D.R., Chandramouli R., 2001. Proposed NIST standard for role-based access control. ACM Transactions on Information and System Security (TISSEC). 4(3):224- 74.
  9. Group TO, 2014. Single Sign On. Available from: http://www.opengroup.org/security/sso/.
  10. Grozev, N., & Buyya, R. (2014). Inter Cloud architectures and application brokering: taxonomy and survey. Software: Practice and Experience, 44(3), 369-390.
  11. Jansen, W., Grance, T., 2011. Guidelines on security and privacy in public cloud computing. NIST special publication. 800:144.
  12. Lonea A.M., Tianfield H., Popescu D.E., 2003. Identity management for cloud computing. New Concepts and Applications in Soft Computing: Springer. 175-99.
  13. Microsoft. Microsoft Urges Government and Industry to Work Together to Build Confidence in the Cloud 2010. Available from: http://www.microsoft.com/enus/news/press/2010/jan10/1-20brookingspr.aspx.
  14. Oracle, 2013. Oracle Access Management OAuth Service 2013. Available from: http://www.oracle.com/tech network/middleware/id-mgmt/overview/oauthservice white paper-2110557.pdf.
  15. Panarello, A., Celesti, A., Fazio, M., Villari, M., & Puliafito, A. (2014). A Requirements Analysis for IaaS Cloud Federation. In 4th International Conference on Cloud Computing and Services Science, Barcelona, Spain.
  16. Pérez-Méndez, A., Pereniguez-Garcia, F., Marin-Lopez, R., López-Millán, G., & Howlett, J. (2014). Identity Federations Beyond the Web: A survey. IEEE Communications Surveys & Tutorials, Vol. 16, No. 4.
  17. Simmonds, P., Rezek, C., Reed, A., 2011. Security guidance for critical areas of focus in cloud computing v3.0. Cloud Security Alliance. 176 pages.
  18. Tripathi, A., Mishra, A. (2011). Cloud computing security considerations. In: IEEE International Conference on Signal Processing, Communications and Computing, pp. 1-5.
  19. Toosi, A. N., Calheiros, R. N., & Buyya, R. (2014). Interconnected cloud computing environments: Challenges, taxonomy, and survey. ACM Computing Surveys (CSUR), 47(1), 7.
  20. VMware, 2012. vCloud director user's guide, 2012. Available from: http://pubs.vmware.com/vcd51/topic/com.vmware.ICbase/PDF/vcd_51_users_guid e.pdf.
Download


Paper Citation


in Harvard Style

Cigoj P., Jerman Blažič B. and Klobučar T. (2015). An Approach in the Design of Common Authentication Solution for a Multi-Platform Cloud Environment . In Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-758-104-5, pages 365-372. DOI: 10.5220/0005351103650372


in Bibtex Style

@conference{closer15,
author={Primož Cigoj and Borka Jerman Blažič and Tomaž Klobučar},
title={An Approach in the Design of Common Authentication Solution for a Multi-Platform Cloud Environment},
booktitle={Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2015},
pages={365-372},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005351103650372},
isbn={978-989-758-104-5},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 5th International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - An Approach in the Design of Common Authentication Solution for a Multi-Platform Cloud Environment
SN - 978-989-758-104-5
AU - Cigoj P.
AU - Jerman Blažič B.
AU - Klobučar T.
PY - 2015
SP - 365
EP - 372
DO - 10.5220/0005351103650372