Identity Management in Cloud Platforms using VOMS and SPID

Francesco De Angelis, Fausto Marcantoni, Alberto Polzonetti, Samuele Rilli

2015

Abstract

Cloud computing has been increasingly adopted in recent years. It offers several benefits, such as high elasticity, availability and cost reduction, yet it still presents some issues. Among the most important is the potential lack of security, which can hinder the spread of this technology. As cloud computing pushes toward a digital era in which users can have their own digital identity to access restricted resources or services, a reliable authentication and authorization system would attract more users to take part in this process. This paper proposes an integration of the VOMS (Virtual Organization Membership Service) system for authorization and the SPID (Sistema Pubblico per la gestione dell'Identità Digitale) system for authentication within the Cloud Foundry PaaS (Platform as a Service) model. Considerations, differences and interoperability matters will be addressed in order to provide a comprehensive scheme.



Paper Citation


in Harvard Style

De Angelis F., Marcantoni F., Polzonetti A. and Rilli S. (2015). Identity Management in Cloud Platforms using VOMS and SPID. In Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST, ISBN 978-989-758-106-9, pages 96-103. DOI: 10.5220/0005450800960103


in Bibtex Style

@conference{webist15,
author={Francesco De Angelis and Fausto Marcantoni and Alberto Polzonetti and Samuele Rilli},
title={Identity Management in Cloud Platforms using VOMS and SPID},
booktitle={Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,},
year={2015},
pages={96-103},
publisher={SciTePress},
organization={INSTICC},
doi={10.5220/0005450800960103},
isbn={978-989-758-106-9},
}


in EndNote Style

TY - CONF
JO - Proceedings of the 11th International Conference on Web Information Systems and Technologies - Volume 1: WEBIST,
TI - Identity Management in Cloud Platforms using VOMS and SPID
SN - 978-989-758-106-9
AU - De Angelis F.
AU - Marcantoni F.
AU - Polzonetti A.
AU - Rilli S.
PY - 2015
SP - 96
EP - 103
DO - 10.5220/0005450800960103