A conceptual model for federated authentication in the cloud
Abstract
Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider - the Managed Authentication Service Provider - that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome.
Document Type
Conference Proceeding
Date of Publication
1-1-2014
Faculty
Faculty of Health, Engineering and Science
Publisher
Edith Cowan University
School
ECU Security Research Institute
RAS ID
19316
Copyright
free_to_read
Comments
Al Abdulwahid A., Clarke N., Furnell S., Stengel I. (2014). A conceptual model for federated authentication in the cloud. Proceedings of the 11th Australian Information Security Management Conference, ISM 2013. (pp. 1-11). Edith Cowan University. Available here