{"title":"如何使应用程序的认证和授权基础设施适应云","authors":"T. H. Vo, W. Fuhrmann, K. Fischer-Hellmann","doi":"10.1109/FiCloud.2017.14","DOIUrl":null,"url":null,"abstract":"Migration of existing enterprise applications to the Cloud requires substantial adaptation effort in individual architectural components. Existing work has focused on migrating the application with functional and non-functional aspects. However, none of them has focused so far on the adaptation of security and privacy. In our previous work, Identity-as-a-service (IDaaS) decouples Authentication and Authorization Infrastructure (AAI) from the business logic of the application as a manageable resource for the Cloud provider to control its life cycle. Since IDaaS controls the complete security chain, it can coordinate automated trust negotiation between Cloud services in federated security domains. On the other hand, IDaaS provides identity federation for Cloud users to access multiple service providers on demand but also may preserve user's privacy. In this paper, we continue to model a security topology for the Cloud applications. A security topology describes an abstract layer of AAI's components, requirements, and trust relationship between them. It preserves the provisioning of AAI across different environments for interoperability, portability, and enables a dynamic trust relationship with other services on demand.","PeriodicalId":115925,"journal":{"name":"2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud)","volume":"27 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2017-08-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":"{\"title\":\"How to Adapt Authentication and Authorization Infrastructure of Applications for the Cloud\",\"authors\":\"T. H. Vo, W. Fuhrmann, K. Fischer-Hellmann\",\"doi\":\"10.1109/FiCloud.2017.14\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"Migration of existing enterprise applications to the Cloud requires substantial adaptation effort in individual architectural components. Existing work has focused on migrating the application with functional and non-functional aspects. However, none of them has focused so far on the adaptation of security and privacy. In our previous work, Identity-as-a-service (IDaaS) decouples Authentication and Authorization Infrastructure (AAI) from the business logic of the application as a manageable resource for the Cloud provider to control its life cycle. Since IDaaS controls the complete security chain, it can coordinate automated trust negotiation between Cloud services in federated security domains. On the other hand, IDaaS provides identity federation for Cloud users to access multiple service providers on demand but also may preserve user's privacy. In this paper, we continue to model a security topology for the Cloud applications. A security topology describes an abstract layer of AAI's components, requirements, and trust relationship between them. It preserves the provisioning of AAI across different environments for interoperability, portability, and enables a dynamic trust relationship with other services on demand.\",\"PeriodicalId\":115925,\"journal\":{\"name\":\"2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud)\",\"volume\":\"27 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2017-08-01\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"5\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/FiCloud.2017.14\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2017 IEEE 5th International Conference on Future Internet of Things and Cloud (FiCloud)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/FiCloud.2017.14","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
How to Adapt Authentication and Authorization Infrastructure of Applications for the Cloud
Migration of existing enterprise applications to the Cloud requires substantial adaptation effort in individual architectural components. Existing work has focused on migrating the application with functional and non-functional aspects. However, none of them has focused so far on the adaptation of security and privacy. In our previous work, Identity-as-a-service (IDaaS) decouples Authentication and Authorization Infrastructure (AAI) from the business logic of the application as a manageable resource for the Cloud provider to control its life cycle. Since IDaaS controls the complete security chain, it can coordinate automated trust negotiation between Cloud services in federated security domains. On the other hand, IDaaS provides identity federation for Cloud users to access multiple service providers on demand but also may preserve user's privacy. In this paper, we continue to model a security topology for the Cloud applications. A security topology describes an abstract layer of AAI's components, requirements, and trust relationship between them. It preserves the provisioning of AAI across different environments for interoperability, portability, and enables a dynamic trust relationship with other services on demand.
京公网安备 11010802042870号
京ICP备2023020795号-1
分享
求助内容:
应助结果提醒方式:
扫码关注我们
