- Volume 21 Issue 4
The interface between servers and clients and system management in the cloud computing environment is different from the existing computing environment. The technology for information protection. Management and user authentication has become an important issue. For providing a more convenient service to users, SSO technology is applied to this cloud computing service. In the SSO service environment, system access using a single key facilitates access to several servers at the same time. This SSO authentication service technology is vulnerable to security of several systems, once the key is exposed. In this paper, we propose a technology to solve problems, which might be caused by single key authentication in SSO-based cloud computing access. This is a distributed agent authentication technology using a multiple SSO agent to reinforce user authentication using a single key in the SSO service environment. For user authentication reinforcement, phased access is applied and trackable log information is used when there is a security problem in system to provide a safe cloud computing service.
Cloud computing;SSO;User authentication;Security policy
- Google, "SAML Single Sign On(SSO) Service for Google Apps" Google Inc. 2006.
- OASIS "Profile for the OASIS Security Assertion Language(SAML)V2.0" OASIS Standard, 15 March 2005.
- NIST, NIST Cloud Computing Standards Roadmap, Special Publication, p.291, 2011.
- P.Mell, T.Grance, "The NIST Definition of Cloud Computing, National Institute of Standards and Technology", National Institute of Standards and Technology, ver.15, July. 2010.
- Cloud Security Alliance, "Top Threats to Cloud Computing v1.0", Mar. 2010.
- Dongwon Jeong, "A Standard Reference Model for Semantic Interoperability in Cloud Computing", Journal of The Korea Society of Computer and Information, Vol 17 No. 8, August 2012.
- X/Open Single Sign On Pluggable Authentication Modules, The Open Group, 1997.
- Google, "SAML Single Sign On(SSO) Service for Google Apps" Google Inc., 2006.
- B. Pfitzmann, B. Waidner, "Token-based web Single Sign-On with Enabled Clients", IBM Research Report RZ 3458(93844), Nonmember 2002.
- V. Semar, "Single Sign-On Using Cookies for Web application. Proceedings", IEEE 8th International Workshop on Enabling Technologies: Infrastructure for Collaborative Enterprise(WET ICE 99), 1999.
- Eun-Gyeom Jang, "A Study on Access Control Through SSL VPN-Based Behavioral and Sequential Patterns", Journal of The Korea Society of Computer and Information, Vol 18 No. 11, November 2013.