A conceptual model for federated authentication in the cloud

Document Type

Conference Proceeding

Publisher

Edith Cowan University

Faculty

Faculty of Health, Engineering and Science

School

ECU Security Research Institute

RAS ID

19316

Comments

Al Abdulwahid A., Clarke N., Furnell S., Stengel I. (2014). A conceptual model for federated authentication in the cloud. Proceedings of the 11th Australian Information Security Management Conference, ISM 2013. (pp. 1-11). Edith Cowan University. Available here

Abstract

Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider - the Managed Authentication Service Provider - that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome.

DOI

10.4225/75/57b55feccd8df

Access Rights

free_to_read

Share

 
COinS