An Authentication and Authorization Solution for a Multiplatform Cloud Environment

ABSTRACT Providing security at all levels within the multiplatform cloud-computing environment is has not been properly solved due to a variety of problems arising from technical and human-based sources. This paper presents an authentication-and-authorization solution based on the Single Sign-On (SSO) approach for cloud-service users and administrators in a multiplatform environment. The system developed enables user authentication for clouds provided as Infrastructure as a Service system built up from different OS systems. The solution enables the use of different services based on credentials that are authenticated only once and enable simple and efficient administration of the relevant data. The paper briefly presents the problem of user authentication in cloud services from the security aspect and defines the user and system administrator requirements for a secure and efficient authentication system. The implemented solution for two different platforms and the associated OS, one proprietary (WMware) and one open-source (OpenStack), is briefly described.

[1]  Markus Jakobsson,et al.  Controlling data in the cloud: outsourcing computation without outsourcing control , 2009, CCSW '09.

[2]  Mário M. Freire,et al.  Security issues in cloud environments: a survey , 2014, International Journal of Information Security.

[3]  Antonio Puliafito,et al.  A Requirements Analysis for IaaS Cloud Federation , 2014, CLOSER.

[4]  Mayank Upadhyay,et al.  Authentication at Scale , 2013, IEEE Security & Privacy.

[5]  Huaglory Tianfield,et al.  Identity Management for Cloud Computing , 2013, New Concepts and Applications in Soft Computing.

[6]  Danielle Kehl,et al.  Surveillance Costs: The NSA's Impact on the Economy, Internet Freedom & Cybersecurity , 2014 .

[7]  T. Grance,et al.  SP 800-144. Guidelines on Security and Privacy in Public Cloud Computing , 2011 .

[8]  Andrew P. Martin,et al.  Trust in the Cloud , 2011, Inf. Secur. Tech. Rep..

[9]  V. K. Agrawal,et al.  Multi-level authentication technique for accessing cloud services , 2012, 2012 International Conference on Computing, Communication and Applications.

[10]  Timothy Grance,et al.  Guidelines on Security and Privacy in Public Cloud Computing | NIST , 2012 .

[11]  Jeff Hodges,et al.  Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2. 0 , 2001 .

[12]  Jason Hart Remote working: managing the balancing act between network access and data security , 2009 .

[13]  Ionut Andronache,et al.  Web Single Sign-On Implementation Using the SimpleSAMLphp Application , 2011 .

[14]  Marcos A. Simplício,et al.  A Quantitative Analysis of Current Security Concerns and Solutions for Cloud Computing , 2011, CloudCom.

[15]  M. Sasikumar,et al.  Identity Management in Cloud Computing , 2013 .

[16]  Rajkumar Buyya,et al.  Inter‐Cloud architectures and application brokering: taxonomy and survey , 2014, Softw. Pract. Exp..

[17]  Akhil Behl Emerging security challenges in cloud computing: An insight to cloud security challenges and their mitigation , 2011, 2011 World Congress on Information and Communication Technologies.

[18]  Daniele Catteddu and Giles Hogben Cloud Computing. Benefits, risks and recommendations for information security , 2009 .

[19]  蔡瑋哲 Single Sign-on機制之探討與實現 , 2012 .

[20]  Guy Pujolle,et al.  Broker-based Cross-Cloud Federation Manager , 2013, 8th International Conference for Internet Technology and Secured Transactions (ICITST-2013).

[21]  Rajkumar Buyya,et al.  Interconnected Cloud Computing Environments , 2014, ACM Comput. Surv..

[22]  Audun Jøsang,et al.  Usability and Privacy in Identity Management Architectures , 2007, ACSW.

[23]  Ramaswamy Chandramouli,et al.  The Queen's Guard: A Secure Enforcement of Fine-grained Access Control In Distributed Data Analytics Platforms , 2001, ACM Trans. Inf. Syst. Secur..

[24]  Abhinav Mishra,et al.  Cloud computing security considerations , 2011, 2011 IEEE International Conference on Signal Processing, Communications and Computing (ICSPCC).

[25]  S. K. Dubey,et al.  Security and Privacy in Cloud Computing: A Survey , 2013 .