Takahiro Nemoto
ABSTRACT
Tokyo University of Agriculture and Technology (TUAT) replaced our Academic Information Infrastructure System in October 2021. This system includes an educational computer system, a printing system, a library system, and an authentication infrastructure system, and it is replaced every five years. In this system renewal, we migrated a part of the authentication and ID management functions performed by the authentication infrastructure on the private cloud to IDaaS, which performs authentication and ID management in the cloud. In addition, the migration to IDaaS has led to the gradual implementation of Single Sign-On (SSO) and Multi-Factor Authentication (MFA), which had not been in operation at our university, and this has resulted in a significant change in the authentication environment for our university’s users.
The system has been in operation since October 2021, and it has already performed many authentications. In this article, we research the usage of this system as a result of the initial stage of operation. In this research, we use the authentication logs of IDaaS to tabulate the number of successful and failed authentication attempts and the number of logins to services that use this system as an Identify Provider(IdP). Furthermore, we will discuss the usage trends of this system and its impact on users, taking into account the timing of events such as the implementation of MFA and the entrance of new students, which occurred after the introduction of the system.
In this article, we introduce IDaaS and its operation in the initial stage and summarize the impact on users caused by the replacement of the authentication infrastructure, which cannot be known only by user inquiries.
- R Philpott Cantor, J Kemp and E Maler. 2005. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0. http://docs.oasisopen.org/security/saml/v2.0/saml-core-2.0-os.pdf.Google Scholar
- Google. [n. d.]. Google Classroom. https://classroom.google.com/.Google Scholar
- B de Medeiros N Sakimura, J Bradley and C Mortimore. 2014. OpenID Connect Core 1.0 incorporating errata set 1. http://openid.net/specs/openid-connect-core-10.html.Google Scholar
- EXGEN NETWORKS. [n. d.]. Extic. https://www.exgen.co.jp/extic/.Google Scholar
- Kazuhiro Mishima Takeshi Sakurada 2016. About the System called “Salut” for Management and Operation. IPSJ SIG Internet and Operation Technology (IOT) 2016, 3 (2016), 1–6.Google Scholar
Index Terms
- Implementation and Initial Operation of IDaaS as Integrated Authentication Infrastructure in TUAT
Recommendations
Two Factor Vs Multi-factor, an Authentication Battle in Mobile Cloud Computing Environments
ICFNDS '17: Proceedings of the International Conference on Future Networks and Distributed SystemsMobile devices offer a convenient way of accessing our digital lives and many of those devices hold sensitive data that needs protecting. Mobile and wireless communications networks, combined with cloud computing as Mobile Cloud Computing (MCC), have ...
A Federated Multi-cloud PaaS Infrastructure
CLOUD '12: Proceedings of the 2012 IEEE Fifth International Conference on Cloud ComputingCloud platforms are increasingly being used for hosting a broad diversity of services from traditional e-commerce applications to interactive web-based Ides. How-ever, we observe that the proliferation of offers by cloud providers raises several ...
Simultaneous authentication and secrecy in identity-based data upload to cloud
Most existing works to secure cloud devote to remote integrity check, search and computing on encrypted data. In this paper, we deal with simultaneous authentication and secrecy when data are uploaded to cloud. Observing that cloud is most interesting ...
Comments