Advertisement

An Integrated Access Control Service Enabler for Cloud Applications

  • Tran Quang ThanhEmail author
  • Stefan Covaci
  • Benjamin Ertl
  • Paolo Zampognano
Conference paper
Part of the Communications in Computer and Information Science book series (CCIS, volume 523)

Abstract

Cost reducing, ubiquitous access, are foreseeable benefits when organizations outsourcing applications, services to the cloud. However, security is current major challenge that limits their widespread deployments. In this paper, a RESTful security service enabler is proposed to provide authentication, authorization and audit logging services for cloud application developers, by leveraging several important security standards (e.g. OAuth, XACML). Specifically, a prototype of this enabler is ongoing developed based on our requirement investigation in the health care domain and related Generic Enabler technologies in the FI-PPP (Future Internet Public Private Partnership) FIWARE Project.

Keywords

Access control Cloud eHealth Future internet Security 

Notes

Acknowledgment

The authors are members of the Future Internet – Social Technological Alignment Research (FI-STAR) project, which is part of the Future Internet Private Public Partnership (FI-PPP) run by the European Commission.

References

  1. 1.
    REST API Tutorial. http://www.restapitutorial.com
  2. 2.
  3. 3.
    OASIS eXtensible Access Control Markup Language. https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml
  4. 4.
    OAuth 2.0 Authorization Framework. http://tools.ietf.org/html/rfc6749
  5. 5.
    System for Cross-domain Identity Management (SCIM). http://www.simplecloud.info
  6. 6.
    Open ID Connect. http://openid.net/connect
  7. 7.
    FI-STAR: Future Internet Social and Technological Alignment Research. https://www.fi-star.eu
  8. 8.
    FIWARE: Open APIs for Open Minds. http://www.fiware.org
  9. 9.
  10. 10.
    Internet-enabler Innovation in Europe. http://www.fi-ppp.eu/projects/
  11. 11.
  12. 12.
  13. 13.
  14. 14.
  15. 15.
  16. 16.
    SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants. http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-23
  17. 17.
    Internet User Authorization Profile (IUA). http://wiki.ihe.net/index.php?title=Internet_User_Authorization
  18. 18.
    Fast Healthcare Interoperability Resources. http://www.hl7.org/implement/standards/fhir/resourcelist.html
  19. 19.
    Security & Privacy ICA (Integrated Access Control). http://catalogue.fi-star.eu/enablers/securityprivacy-iac
  20. 20.
  21. 21.
    RSYSLOG: The Rocket-fast System for Log Processing. http://www.rsyslog.com

Copyright information

© Springer International Publishing Switzerland 2015

Authors and Affiliations

  • Tran Quang Thanh
    • 1
    Email author
  • Stefan Covaci
    • 1
  • Benjamin Ertl
    • 1
  • Paolo Zampognano
    • 2
  1. 1.Technical University BerlinBerlinGermany
  2. 2.Engineering Ingegneria Informatica S.p.A.RomeItaly

Personalised recommendations