1 Introduction
Given its widespread benefits and its support for state-of-the-art business
requirements, such as ease of service delivery and collaborative resources, Cloud
computing is being actively adopted by small and medium-sized business organizations.
It facilitates federation and collaboration among independent business
organizations while they acquire services and resources from disparate Cloud environments.
The identity management service, being the foundation for all the other services, is ideal
to be outsourced, since it is the first and foremost service invoked by the
collaborating organizations. Similarly, in federated Cloud computing environments,
where a group of trusted Cloud Service Providers (CSPs) agrees
to share services and resources during demand spikes, identity credentials
must be exchanged and shared. For such scenarios, FIM is the common
deployment model, where CSPs with a mutual trust relationship share the identity
information of their subscribers with each other on demand or as required
[1, 2]. With the introduction of FIM systems, Cloud subscribers are able to use the
same identity credentials to gain access to the set of shared Cloud resources.
FIM brings economic benefits along with convenience to the participating
organizations and their network subscribers.
However, a federated Cloud environment also raises many security and privacy
concerns regarding the handling and sharing of sensitive identity information [3],
such as "Who has access to identity information?", "How to maintain identical and
updated user information across multiple CSPs?", "How to ensure standard security
and privacy procedures across multiple CSPs?" and "How much control does the
subscriber have over his information?". To answer these questions, several
security-based FIM systems have been designed and implemented. But, to the best of our
knowledge, none of those systems offers a holistic solution covering self-service,
privacy and real-time synchronization features for Cloud computing environments [4].
In addition, most existing software applications are bundled with
proprietary identity management services and authentication mechanisms. As a result,
interoperability has become an increasingly significant challenge in the federated
Cloud computing environment.
We have designed and implemented a Secure Identity Management System for
Federated Cloud environments that ensures seamless integration and utilization of
identity credentials. In addition to the basic identity management features, such as
provisioning, de-provisioning and user account management, we intend to provide
advanced security features as well. These advanced security features include access
right delegation, real-time synchronization and self-service in cross-domain Cloud
computing scenarios. Further, to implement these advanced features, we
have used state-of-the-art international standards (such as SCIM, SAML, REST and
XACML) that guarantee secure, quick and easy sharing and management of identity
credentials into, out of and around the Cloud. Finally, we present an E-Healthcare
system as a case study to explicate the workflow and various use-case scenarios of
the implemented system. The rationale behind choosing E-healthcare systems as a
 