A conceptual model for federated authentication in the cloud
Document Type
Conference Proceeding
Publisher
Edith Cowan University
Faculty
Faculty of Health, Engineering and Science
School
ECU Security Research Institute
RAS ID
19316
Abstract
Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider - the Managed Authentication Service Provider - that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome.
DOI
10.4225/75/57b55feccd8df
Access Rights
free_to_read
Comments
Al Abdulwahid A., Clarke N., Furnell S., Stengel I. (2014). A conceptual model for federated authentication in the cloud. Proceedings of the 11th Australian Information Security Management Conference, ISM 2013. (pp. 1-11). Edith Cowan University. Available here