Automatic Authentication to Cloud-Based Services
Mircea Boris Vleju (Christian Doppler Laboratory for Client-Centric Cloud Computing (CDCC), Austria)
Abstract: We describe the concept of automatic authentication for cloud-based services via the use of a client-centric solution for small and medium enterprises (SMEs). In previous work we have introduced the Identity Management Machine (IdMM) whichis designed to handle the interaction between a client's identity directory and various cloud identity management systems. We now further refine this machine by describingits interaction with various cloud authentication systems. The IdMM is designed to aid SMEs in their adoption or migration to cloud-based services. The system allowsSMEs to store its confidential data on-premise, enhancing the client's control over the data. We further enhance the privacy related aspects of a client-to-cloud interaction viathe introduction of obfuscated and partially obfuscated identities which allow SMEs to also choose the type of data being sent to a cloud service. Since the IdMM is a singlesign-on system capable of automatic authentication the risk of phishing or other social engineering attacks is reduced as an individual user may not be aware of his or hercredentials for a given cloud service.
Keywords: astract state machine, automatic authentication, client centric, cloud computing, identity management, small and medium enterprises
Categories: D.2.10, F.1, H.4, H.5.3, K.6.5