Advertisement

Towards a Federated Identity as a Service Model

  • Bernd Zwattendorfer
  • Klaus Stranacher
  • Arne Tauber
Part of the Lecture Notes in Computer Science book series (LNCS, volume 8061)

Abstract

Identity management plays a key role in e-Government. Giving the increasing number of cloud applications, also in the field of e-Government, identity management is also vital in the area of cloud computing. Several cloud identity models have already emerged, whereas the so-called “Identity as a Service”-model seems to be the most promising one. Cloud service providers currently implement this model by relying on a central identity broker, acting as a hub between different service and identity providers. While the identity broker model has a couple of advantages, still some disadvantages can be identified. One major drawback of the central identity broker model is that both the user and the service provider must rely on one and the same identity broker for identification and authentication. This heavily decreases flexibility and hinders freedom of choice for selecting other identity broker implementations. We bypass this issue by proposing a federated identity as a service model, where identity brokers are interconnected. This federated identity as a service model retains the benefits but eliminates the drawbacks of the central cloud identity broker model.

Keywords

Cloud Computing Identity as a Service Federated Identity as a Service Identity Broker Identity Management 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bertino, E., Takahashi, K.: Identity Management: Concepts, Technologies, and Systems. Artech House Inc. (2010)Google Scholar
  2. 2.
    ISO/IEC JTC 1/SC 27/WG 5: A framework for IdM Google Scholar
  3. 3.
    Sermersheim, J.: Lightweight Directory Access Protocol (LDAP): The Protocol. RFC 4511. Internet Engineering Task Force (IETF) (2006)Google Scholar
  4. 4.
    Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication Service (V5). RFC 4120. Internet Engineering Task Force (IETF) (2005) Google Scholar
  5. 5.
    Lockhart, H., Campbell, B.: Security Assertion Markup Language (SAML) V2.0 Technical Overview. OASIS Committee Draft 02 (2008)Google Scholar
  6. 6.
    Siddhartha, A.: National e-ID card schemes: A European overview. Inf. Secur. Tech. Rep. 13(2), 46–53 (2008)CrossRefGoogle Scholar
  7. 7.
    Emig, C., Brandt, F., Kreuzer, S., Abeck, S.: Identity as a Service – Towards a Service-Oriented Identity Management Architecture. In: Pras, A., van Sinderen, M. (eds.) EUNICE 2007. LNCS, vol. 4606, pp. 1–8. Springer, Heidelberg (2007)CrossRefGoogle Scholar
  8. 8.
    Bauer, M., Meints, M., Hansen, M.: D3.1: Structured Overview on Prototypes and Concepts of Identity Management System, FIDIS (2005) Google Scholar
  9. 9.
    Palfrey, J., Gasser, U.: Digital Identity Interoperability and eInnovation, Case Study. Berkman Publication Series (2007)Google Scholar
  10. 10.
    Jøsang, A., Pope, S.: User centric identity management. In: AusCERT Asia Pacific Information Technology, pp. 1–13 (2005)Google Scholar
  11. 11.
    Alpár, G., Hoepman, J.-H., Siljee, J.: The Identity Crisis - Security, Privacy and Usability Issues in Identity Management. CoRR (2011)Google Scholar
  12. 12.
    Kurdi, R., Taleb-Bendiab, A., Randles, M., Taylor, M.: E-Government Information Systems and Cloud Computing (Readiness and Analysis). In: Developments in E-systems Engineering, DeSE 2011, pp. 404–409 (2011)Google Scholar
  13. 13.
    Gopalakrishnan, A.: Cloud Computing Identity Management. SETLabs Briefings 7(7), 45–55 (2009)Google Scholar
  14. 14.
    Cox, P.: How to Manage Identity in the Public Cloud. InformationWeek reports (March 2012)Google Scholar
  15. 15.
    Goulding, J.: Identity and Access Management for the Cloud: CA’s strategy and vision. Whitepaper, CA Cloud Business Unit (Mai 2010)Google Scholar
  16. 16.
    Cloud Security Alliance: Security Guidance for Critical Areas of Focus in Cloud Computing V3.0 (2011)Google Scholar
  17. 17.
    Zwattendorfer, B., Tauber, A.: Secure Cloud Authentication using eIDs. In: Proceedings of IEEE CCIS 2012, pp. 515–519 (2012)Google Scholar
  18. 18.
    Huang, H.Y., Wang, B., Liu, X.X., Xu, J.M.: Identity Federation Broker for Service Cloud. In: 2010 International Conference on Service Sciences, pp. 115–120 (2010)Google Scholar
  19. 19.
    Boyen, S., Ellison, G., Karhuluoma, G., MacGregor, W., Madsen, P., Sengodan, S., Shinkar, S., Thompson, P.: Trust Models Guidelines. Draft. OASIS (2004)Google Scholar
  20. 20.
    Hulsebosch, B., Lenzini, G., Eertink, H.: D2.3 - Quality authenticator scheme. STORK Deliverable (2009)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2013

Authors and Affiliations

  • Bernd Zwattendorfer
    • 1
  • Klaus Stranacher
    • 1
  • Arne Tauber
    • 1
  1. 1.E-Government Innovation Center (EGIZ)Graz University of TechnologyGrazAustria

Personalised recommendations