Abstract
Cost reduction and ubiquitous access are foreseeable benefits when organizations outsource applications and services to the cloud. However, security is currently a major challenge that limits their widespread deployment. In this paper, a RESTful security service enabler is proposed to provide authentication, authorization and audit logging services for cloud application developers by leveraging several important security standards (e.g. OAuth, XACML). Specifically, a prototype of this enabler is being developed based on our requirement investigation in the health care domain and related Generic Enabler technologies in the FI-PPP (Future Internet Public Private Partnership) FIWARE Project.
Acknowledgment
The authors are members of the Future Internet – Social Technological Alignment Research (FI-STAR) project, which is part of the Future Internet Private Public Partnership (FI-PPP) run by the European Commission.
Copyright information
© 2015 Springer International Publishing Switzerland
About this paper
Cite this paper
Thanh, T.Q., Covaci, S., Ertl, B., Zampognano, P. (2015). An Integrated Access Control Service Enabler for Cloud Applications. In: Doss, R., Piramuthu, S., ZHOU, W. (eds) Future Network Systems and Security. FNSS 2015. Communications in Computer and Information Science, vol 523. Springer, Cham. https://doi.org/10.1007/978-3-319-19210-9_7
DOI: https://doi.org/10.1007/978-3-319-19210-9_7
Publisher Name: Springer, Cham
Print ISBN: 978-3-319-19209-3
Online ISBN: 978-3-319-19210-9
eBook Packages: Computer Science (R0)