Identity federation in cloud computing

Identity Federation in PerfCloud: an Architecture for Cloud and GRID Integration

Both cloud and GRID are computing paradigms for the large-scale management of distributed resources, and currently their integration is of great interest. This is typically obtained through the Infrastructure-as-a-Service cloud model, which is exploited in the GRID context to offer machines with full administration rights to users. In this paper the focus is on the security problems linked to the integration of cloud and GRID computing. Adoption of identity federation between different security domains is proposed to manage the relationship between the user machines and the standard GRID infrastructure. This solution is experimented within PerfCloud, a cloud implementation that exploits an underlying GRID platform, evaluating its performance in an environment that includes computing resources leased from a commercial cloud provider.

Federated Identity Management for Grids

International conference on Networking and Services (ICNS'06), 2006

Identity federation is a novel technology allowing end users' identity information and preferences to be communicated between service providers. While in complete control over what personal information is interchanged, the users benefit from identity federation in several ways, e.g. the services can be tailored according to the users' preferences and all the services can be accessed by logging in once to the community of collaborating service providers.

Dorian: Grid Service Infrastructure for Identity Management and Federation

19th IEEE Symposium on Computer-Based Medical Systems (CBMS'06), 2006

Identity management and federation is becoming an ever present problem in large multi-institutional environments. By their nature, Grids span multiple institutional administration boundaries and aim to provide support for the sharing of applications, data, and computational resources in a collaborative environment. One underlying problem is to enable participating institutions to manage the identities of their own members by leveraging existing institutional identity management systems, while at the same time facilitating the participation in larger Grids through the deployment of grid-wide user credentials. Those grid-wide identities are used for features such as single sign-on, secure communication, and are the basis for authorization decisions. In this paper we will present the design and implementation of Dorian, a grid service infrastructure component that enables the federation of users across the collaboration.

Security Issues in Cloud Federations

2012

The cloud paradigm, based on the idea of delegating to the network any kind of computational resources, is showing a considerable success. The estimated trend is that the number of different cloud-based solutions, approaches and service providers (CSP) will continue growing. Despite the big number of different cloud solutions that currently exist, most of them are "walled gardens" unable to interoperate. On the other side, a large effort is taking place in the cloud community to develop and identify open solutions and standards. In such a context the concept of cloud federation, an architecture that combines the functionalities of different CSP, is a hot topic. In this chapter we present an overview of the cloud federation topic, with special focus on its most important security challenges. Furthermore, we propose a taxonomy of possible approaches to federation. Then we propose a comparison of security problems in cloud and grid environment, and a detailed analysis of two relevant security problems, identity management and Cyber Attacks analysis, trying to outline how they can be applied in a federated context. The final publication is available at: http://www.igiglobal.com/chapter/security-issues-cloud-federations/66233

Identity management in GRID computing and Service Oriented Architectures: research and practice

Identity in the Information Society, 2009

Today, Service-Oriented Architecture (SOA) and Grid and Cloud computing comprise the key technologies in distributed systems. In systems following the SOA approach, functionalities are delivered and consumed as services. Given the variety of resources (i.e. data, computing capabilities, applications, etc) as well as the variation of user-requested Quality of Service (e.g., high performance, fast access, low cost, high media resolution, etc), there is a need for advanced user management, trust establishment and service management mechanisms which adjust, monitor and evaluate service provision according to the users’ requirements and rights. Within this context, security and privacy requirements have become of great importance, as well as the need for flexible and efficient identity management. This editorial of the special issue “Identity Management in Grid and SOA” discusses the importance of identity management within SOA and Grid environments. A number of techniques and existing systems addressing these issues are presented and evaluated. Identity management is considered in various contexts and at different levels, including service composition level, system level and inter-system communication level.

Grid and Cloud Computing Security: A Comparative Survey

International Journal of Computer Networks and Applications (IJCNA), 2019

The major purpose of this article is to know the security requirements and their solutions in grid and cloud computing environments. We first focused generally on the security issue in grids as in cloud computing where we examined all the articles proposed in the literature. Then, we classify them according to the treated security issue (authentication, access control, integrity, confidentiality or multiple security issues). A comparative study was carried out between the different techniques presented in each class of each environment. The same classification is done with research articles concerning security issues in cloud computing environment. The study was followed by a comparison between the different proposed techniques for each class in grid computing with those proposed within the same class in cloud. As a result we found that the access control issue is the most considered research area in both grid and cloud computing environments.

Identity federation scenarios for the Cloud

International journal of engineering and technology, 2014

Traditional identity approaches in a cloud environment that demands scale and openness, suffer from a number of limits, especially when the enterprise uses multiple cloud service providers (CSPs) and user credentials are not shared with other providers. Multiple attempts to solve this problem have been proposed like federated Identity that has a number of advantages, even though it suffers from many challenges that are common to new technologies. Keeping business systems data safe and protecting the identity has never been more difficult to achieve; therefore, in this paper we tackle federated identity, its components, advantages, disadvantages, then we propose a number of useful scenarios to manage identity in the cloud.

Keywords: federated identity, cloud, security, claim, token, identity provider, SaaS, federation provider, access control

The CloudGrid approach: Security analysis and performance evaluation

Future Generation Computer …, 2011

Both cloud and grid are computing paradigms that manage large sets of distributed resources, and the scientific community would benefit from their convergence. This paper proposes a novel computing model, cloudgrid, able to achieve full cloud and grid integration. After presenting its three-layer architecture, the security issues involved are analyzed, proposing a solution based on fine-grained access control mechanisms and identity federation that allows cooperation and interoperability among untrusted cloud resources. The overhead introduced by the multiple-layer architecture and by the security system are measured by extensive testing on a prototype implementation, and a trade-off analysis between security and performance is presented.

Security and Cloud Computing: InterCloud Identity Management Infrastructure

2010 19th IEEE International Workshops on Enabling Technologies: Infrastructures for Collaborative Enterprises, 2010

Cloud Computing is becoming one of the most important topics in the IT world. Several challenges are being raised from the adoption of this computational paradigm including security, privacy, and federation. This paper aims to introduce new concepts in cloud computing and security, focusing on heterogeneous and federated scenarios. We present a reference architecture able to address the Identity Management (IdM) problem in the InterCloud context and show how it can be successfully applied to manage the authentication needed among clouds for the federation establishment.

The CloudGrid approach: Security analysis and performance evaluation

Future Generation Computer Systems, 2013

Both cloud and grid are computing paradigms that manage large sets of distributed resources, and the scientific community would benefit from their convergence. This paper proposes a novel computing model, cloudgrid, able to achieve full cloud and grid integration. After presenting its three-layer architecture, the security issues involved are analyzed, proposing a solution based on fine-grained access control mechanisms and identity federation that allows cooperation and interoperability among untrusted cloud resources. The overhead introduced by the multiple-layer architecture and by the security system are measured by extensive testing on a prototype implementation, and a trade-off analysis between security and performance is presented.