Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Authentication and Authorization Systems in Cloud Environments
KTH, School of Information and Communication Technology (ICT).
2012 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

The emergence of cloud computing paradigm offers attractive and innovative computing services through resource pooling and virtualization techniques. Cloud providers deliver various types of computing services to customers according to a pay-per-use economic model. However, this technology shift introduces a new concern for enterprises and businesses regarding their privacy and security. Security as a Service is a new cloud service model for the security enhancement of a cloud environment. This is a way of centralizing security solutions under the control of professional security specialists. Identity and access control services are one of the areas of cloud security services, and sometimes, are presented under the term Identity as a Service.

This master thesis research is focused on identity-security solutions for cloud environments. More specifically, architecture of a cloud security system is designed and proposed for providing two identity services for cloud-based systems: authentication and authorization. The main contribution of this research is to design these services using service-oriented architectural approach, which will enable cloud-based application service providers to manage their online businesses in an open, flexible, interoperable and secure environment.

First, the architecture of the proposed services is described. Through this architecture all system entities that are necessary for managing and providing those identity services are defined. Then, the design and specification of each service is described and explained. These services are based on existing and standardized security mechanisms and frameworks. As a demonstration, a prototype system of an authorization service is implemented and tested based on the designed authorization solution. The implementation is done using Web Service technology respective to the service-oriented design approach. It is shown that both services are at least computationally secure against potential security risks associated with replay attacks, message information disclosure, message tampering, repudiation and impersonation.

The designed security system ensures a secure and reliable environment for cloud-based application services which is very easy to deploy and exploit on cloud-based platforms.

Place, publisher, year, edition, pages
2012. , 64 p.
Series
Trita-ICT-EX, 2012:203
National Category
Engineering and Technology
Identifiers
URN: urn:nbn:se:kth:diva-102870OAI: oai:DiVA.org:kth-102870DiVA: diva2:557150
Educational program
Master of Science - Software Engineering of Distributed Systems
Uppsok
Technology
Examiners
Available from: 2012-10-22 Created: 2012-09-27 Last updated: 2012-10-22Bibliographically approved

Open Access in DiVA

fulltext(1923 kB)2556 downloads
File information
File name FULLTEXT01.pdfFile size 1923 kBChecksum SHA-512
e873b2e4d2c760b4ca5c426fe8fff4af5bcff5b89e3ea5a2af08144431f6205819813d31311fe4f83963fd2f28ad18e4d0af1ab0b4b2d4cfa2a95c3f786ebfa1
Type fulltextMimetype application/pdf

By organisation
School of Information and Communication Technology (ICT)
Engineering and Technology

Search outside of DiVA

GoogleGoogle Scholar
Total: 2556 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 979 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • harvard1
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf