SHIBBOLETH WEB-PROXY FOR SINGLE SIGN-ON OF CLOUD SERVICES

Christoph Reich, Thomas Rübsamen

2012

Abstract

Single Sign-On (SSO) allows users to access services, for which they possess sufficient access rights, without re-authentication once they are authenticated successfully. Shibboleth supports SSO of web services and allows building federations. In this paper a Shibboleth web proxy is described, which integrates a Shibboleth service provider to manage authentication and extends Cloud management systems by enabling SSO of multiple cloud services. It is shown how this approach can be used for highly dynamic Cloud environments, where services are often added and removed. The Shibboleth web proxy implementation has been contributed to the Open Source Community and is made available in the OpenNebula EcoSystem.

References

  1. DFN-AAI (2011). https://www.aai.dfn.de/.
  2. Hommel, W. (2010). Campus single sign-on und hochschulübergreifendes identity management. In Bode, A. and Borgeest, R., editors, Informationsmanagement in Hochschulen, pages 221-232. Springer Berlin Heidelberg. 10.1007/978-3-642-04720-6 19.
  3. Jie, W., Young, A., Arshad, J., Finch, J., Procter, R., and Turner, A. (2008). A guanxi shibboleth based security infrastructure. In Enterprise Distributed Object Computing Conference Workshops, 2008 12th, pages 151 -158.
  4. OpenNebula (2011). http://www.opennebula.org/.
  5. Shibboleth 2 Documentation (2011a). Communicating with a Service Provider. https://spaces.internet2.edu/ display/SHIB2/IdPSPCommunicate.
  6. Shibboleth 2 Documentation (2011b). Shibboleth SP clustering. https://wiki.shibboleth.net/confluence/ display/SHIB2/NativeSPClustering.
  7. Sulistio, A., Reich, C., and Doelitzscher, F. (2009). Cloud infrastructure & applications - cloudia. In Jaatun, M., Zhao, G., and Rong, C., editors, Cloud Computing, volume 5931 of Lecture Notes in Computer Science, pages 583-588. Springer Berlin / Heidelberg. 10.1007/978-3-642-10665-1 56.
  8. Takaaki, K., Hiroaki, S., Noritoshi, D., and Ken, M. (2011). Design and implementation of web forward proxy with shibboleth authentication. In Applications and the Internet (SAINT), 2011 IEEE/IPSJ 11th International Symposium on, pages 321 -326.
  9. *.sni.velox.ch (2011).
  10. Wang, X. D., Jones, M., Jensen, J., Richards, A., Wallom, D., Ma, T., Frank, R., Spence, D., Young, S., Devereux, C., and Geddes, N. (2009). Shibboleth access for resources on the national grid service (sarongs). In Information Assurance and Security, 2009. IAS 7809. Fifth International Conference on, volume 2, pages 338 -341.
Download


Paper Citation


in Harvard Style

Reich C. and Rübsamen T. (2012). SHIBBOLETH WEB-PROXY FOR SINGLE SIGN-ON OF CLOUD SERVICES . In Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER, ISBN 978-989-8565-05-1, pages 89-95. DOI: 10.5220/0003926000890095


in Bibtex Style

@conference{closer12,
author={Christoph Reich and Thomas Rübsamen},
title={SHIBBOLETH WEB-PROXY FOR SINGLE SIGN-ON OF CLOUD SERVICES},
booktitle={Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,},
year={2012},
pages={89-95},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0003926000890095},
isbn={978-989-8565-05-1},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 2nd International Conference on Cloud Computing and Services Science - Volume 1: CLOSER,
TI - SHIBBOLETH WEB-PROXY FOR SINGLE SIGN-ON OF CLOUD SERVICES
SN - 978-989-8565-05-1
AU - Reich C.
AU - Rübsamen T.
PY - 2012
SP - 89
EP - 95
DO - 10.5220/0003926000890095