A conceptual model for federated authentication in the cloud

Abdulwahid A Al, N Clarke, S Furnell, I Stengel

Research output: Contribution to journalConference proceedings published in a journalpeer-review

Abstract

Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider - the Managed Authentication Service Provider - that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome.
Original languageEnglish
Pages (from-to)1-11
Number of pages0
JournalProceedings of the 11th Australian Information Security Management Conference, ISM 2013
Volume0
Issue number0
Publication statusPublished - 1 Jan 2014

Fingerprint

Dive into the research topics of 'A conceptual model for federated authentication in the cloud'. Together they form a unique fingerprint.

Cite this