Skip to main content
SpringerLink
Log in

An Integrated Access Control Service Enabler for Cloud Applications

  • Conference paper
  • First Online:
Future Network Systems and Security (FNSS 2015)

Part of the book series: Communications in Computer and Information Science ((CCIS,volume 523))

Included in the following conference series:

Abstract

Cost reducing, ubiquitous access, are foreseeable benefits when organizations outsourcing applications, services to the cloud. However, security is current major challenge that limits their widespread deployments. In this paper, a RESTful security service enabler is proposed to provide authentication, authorization and audit logging services for cloud application developers, by leveraging several important security standards (e.g. OAuth, XACML). Specifically, a prototype of this enabler is ongoing developed based on our requirement investigation in the health care domain and related Generic Enabler technologies in the FI-PPP (Future Internet Public Private Partnership) FIWARE Project.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as EPUB and PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

References

  1. REST API Tutorial. http://www.restapitutorial.com

  2. SAML Specifications. http://saml.xml.org/saml-specifications

  3. OASIS eXtensible Access Control Markup Language. https://www.oasis-open.org/committees/tc_home.php?wg_abbrev=xacml

  4. OAuth 2.0 Authorization Framework. http://tools.ietf.org/html/rfc6749

  5. System for Cross-domain Identity Management (SCIM). http://www.simplecloud.info

  6. Open ID Connect. http://openid.net/connect

  7. FI-STAR: Future Internet Social and Technological Alignment Research. https://www.fi-star.eu

  8. FIWARE: Open APIs for Open Minds. http://www.fiware.org

  9. The Syslog Protocol. https://tools.ietf.org/html/rfc5424

  10. Internet-enabler Innovation in Europe. http://www.fi-ppp.eu/projects/

  11. FIWARE Identity Management Open Specification. https://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/FIWARE.OpenSpecification.Security.IdentityManagement

  12. FIWARE Authorization PDP Specification. http://forge.fiware.org/plugins/mediawiki/wiki/fiware/index.php/Access_Control_GE.Authorization.Open_RESTful_API_Specification

  13. WSO2 Identity Server. http://wso2.com/products/identity-server/

  14. Axiomatics Policy Server. http://www.axiomatics.com/solutions/products/authorization-for-applications/axiomatics-policy-server.html

  15. Sun XACML implementation. http://sunxacml.sourceforge.net/index.html

  16. SAML 2.0 Profile for OAuth 2.0 Client Authentication and Authorization Grants. http://tools.ietf.org/html/draft-ietf-oauth-saml2-bearer-23

  17. Internet User Authorization Profile (IUA). http://wiki.ihe.net/index.php?title=Internet_User_Authorization

  18. Fast Healthcare Interoperability Resources. http://www.hl7.org/implement/standards/fhir/resourcelist.html

  19. Security & Privacy ICA (Integrated Access Control). http://catalogue.fi-star.eu/enablers/securityprivacy-iac

  20. Spring Boot framework. http://projects.spring.io/spring-boot/

  21. RSYSLOG: The Rocket-fast System for Log Processing. http://www.rsyslog.com

Download references

Acknowledgment

The authors are members of the Future Internet – Social Technological Alignment Research (FI-STAR) project, which is part of the Future Internet Private Public Partnership (FI-PPP) run by the European Commission.

Author information

Authors and Affiliations

  1. Technical University Berlin, Berlin, Germany

    Tran Quang Thanh, Stefan Covaci & Benjamin Ertl

  2. Engineering Ingegneria Informatica S.p.A., Rome, Italy

    Paolo Zampognano

Authors
  1. Tran Quang Thanh
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Stefan Covaci
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Benjamin Ertl
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. Paolo Zampognano
    View author publications

    You can also search for this author in PubMed Google Scholar

Corresponding author

Correspondence to Tran Quang Thanh .

Editor information

Editors and Affiliations

  1. Deakin University, Burwood, Victoria, Australia

    Robin Doss

  2. Department of Information Systems and Operations Management, University of Florida, Gainesville, Florida, USA

    Selwyn Piramuthu

  3. ESCP Europe, Paris, France

    Wei ZHOU

Rights and permissions

Reprints and permissions

Copyright information

© 2015 Springer International Publishing Switzerland

About this paper

Cite this paper

Thanh, T.Q., Covaci, S., Ertl, B., Zampognano, P. (2015). An Integrated Access Control Service Enabler for Cloud Applications. In: Doss, R., Piramuthu, S., ZHOU, W. (eds) Future Network Systems and Security. FNSS 2015. Communications in Computer and Information Science, vol 523. Springer, Cham. https://doi.org/10.1007/978-3-319-19210-9_7

Download citation

  • DOI: https://doi.org/10.1007/978-3-319-19210-9_7

  • Published:

  • Publisher Name: Springer, Cham

  • Print ISBN: 978-3-319-19209-3

  • Online ISBN: 978-3-319-19210-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation