Pérez Méndez, Alejandro, López Millán, Gabriel, Marín López, Rafael, Chadwick, David W., Schechtman Sette, Ioram (2017) Integrating an AAA-based federation mechanism for OpenStack - The CLASSe view. Concurrency and Computation: Practice and Experience, 29 (12). Article Number 4148. ISSN 1532-0626. (doi:10.1002/cpe.4148) (KAR id:61206)
PDF
Author's Accepted Manuscript
Language: English |
||
Download (860kB)
Preview
|
|
|
This file may not be suitable for user of assistive technology. Request an accessible format. |
||
Official URL http://dx.doi.org/10.1002/cpe.4148 |
Abstract
Identity federations enable users, service providers, and identity providers from different organizations to exchange authentication and authorization information in a secure way. In this paper, we present a novel identity federation architecture for cloud services based on the integration of a cloud identity management service with an authentication, authorization, and accounting infrastructure. Specifically, we analyse how this type of authentication, authorization, and accounting–based federation can be smoothly integrated into OpenStack, the leading open source cloud software solution, using the Internet Engineering Task Force (IETF) Application Bridging for Federated Access Beyond web specification for authentication and authorization. We provide details of the implementation undertaken in GÉANT's CLASSe project and show its validation in a real testbed.
Item Type: | Article |
---|---|
DOI/Identification number: | 10.1002/cpe.4148 |
Uncontrolled keywords: | ABFAB, authorization, CLASSe, Cloud, identity federation, OpenStack |
Divisions: | Faculties > Sciences > School of Computing |
Depositing User: | D. Chadwick |
Date Deposited: | 04 Apr 2017 11:33 UTC |
Last Modified: | 18 Sep 2020 14:40 UTC |
Resource URI: | https://kar.kent.ac.uk/id/eprint/61206 (The current URI for this page, for reference purposes) |
Chadwick, David W.: | ![]() |
- Export to:
- RefWorks
- EPrints3 XML
- BibTeX
- CSV
- Depositors only (login required):