Loading…

Integrating an AAA‐based federation mechanism for OpenStack—The CLASSe view

Summary Identity federations enable users, service providers, and identity providers from different organizations to exchange authentication and authorization information in a secure way. In this paper, we present a novel identity federation architecture for cloud services based on the integration o...

Full description

Saved in:
Bibliographic Details
Published in:Concurrency and computation 2017-06, Vol.29 (12), p.n/a
Main Authors: Pérez Méndez, Alejandro, López Millán, Gabriel, Marín López, Rafael, Chadwick, David W., Schechtman Sette, Ioram
Format: Article
Language:English
Subjects:
Citations: Items that this one cites
Items that cite this one
Online Access:Get full text
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Summary Identity federations enable users, service providers, and identity providers from different organizations to exchange authentication and authorization information in a secure way. In this paper, we present a novel identity federation architecture for cloud services based on the integration of a cloud identity management service with an authentication, authorization, and accounting infrastructure. Specifically, we analyse how this type of authentication, authorization, and accounting–based federation can be smoothly integrated into OpenStack, the leading open source cloud software solution, using the Internet Engineering Task Force (IETF) Application Bridging for Federated Access Beyond web specification for authentication and authorization. We provide details of the implementation undertaken in GÉANT's CLASSe project and show its validation in a real testbed.
ISSN:1532-0626
1532-0634
DOI:10.1002/cpe.4148