Publication details

Home Publications Publication details

A Conceptual Model for Federated Authentication in the Cloud
Al Abdulwahid A, Clarke NL, Furnell SM, Stengel I
Proceedings of the 11th Australian Information Security Management Conference (AISM2013), Perth, Australia, 2-4 December, pp 1-11, ISBN 978-0-7298-0710-4, 2013
Links:  External link available

Authentication is a key security control for any computing system, whether that is a PC, server, laptop, tablet or mobile phone. However, authentication is traditionally poorly served, with existing implementations falling foul of a variety of weaknesses. Passwords are poorly selected, reused and shared (to name but a few). Research has suggested novel approaches to authentication such as transparent authentication and cooperative and distributed authentication. However, these technologies merely focus upon individual platforms rather than providing a universal and federated authentication approach that can be used across technologies and services. The advent of cloud computing, its universal connectivity, scalability and flexibility, offers a new opportunity of achieving usable and convenient authentication seamlessly in a technology and service independent fashion. The approach introduces a new dedicated authentication provider – the Managed Authentication Service Provider – that is able to provide state-of-the-art centralised verification of authenticity. However, relying upon such an environment also introduces a range of technology, privacy and trust-related issues that must be overcome.

Al Abdulwahid A, Clarke NL, Furnell SM, Stengel I