Abstract
With the rapid development of Internet, hardware performance and software technology had continuous improvement. Users have increasingly high demands for the Internet services. The concept of cloud services is derived slowly. Users could use a variety of different types of application services and access information regardless when and where through the Internet cloud. When using different cloud service, users may need a new registration or re-execute the login action. That is quite time-consuming and a repetitive action. Users maybe use different username and password to register in different cloud service. In this way, this increases the burden on user memory and managing their usernames and passwords. In order to avoid repeat register and login, this study proposes a mechanism for cloud environment that combining role-based access control (RBAC) authorization mechanism and single sign-on. In this architecture, users need not to have second login or a new registration. After the first login, user can use cloud services in the new domain. Complex works such as confirm and exchange information with the user data center are turned over to the cloud service provider.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Lodha, A., Sarma, R.: A Single Sign-On Approach. Avenue a Razorfish, Inc. (March 2006)
Pereira, A.L.: Computing Systems Integration in Grid Computing and Cloud Computing. In: IEEE International Parallel & Distributed Processing Symposium (2011)
Cesnet, Web Single Sign On Systems, http://www.cesnet.cz/doc/techzpravy/2006/web-sso/ (June 1, 2012) (retrieved )
Ferraiolo, D.F., Cugini, J.A., Ricbard Kuhn, D.: Role Based Access Control (RBAC): Features and Motivations. In: IEEE Computer Security Applications Conference, pp. 241–248 (1995)
Ferraiolo, D.F., Sandhu, R., Gavrila, S., Richard Kuhn, D., Chandramouli: Proposed NIST Standard for Role-Based Access Control. ACM Transactions on Information and System Security 4(3), 224–274 (2001)
Ferraiolo, D., Kuhn, R.: Role-Based Access Control. In: 15th National Computer Security Conference, pp. 554–563 (1992)
Steiner, J.G., Neuman, C., Schiller, J.I.: Kerberos: An Authentication Service for Open Network Systems. In: Proceedings of USENIX Conference, pp. 191–200 (1988)
Brodkin, J.: Cloud Computing Hype Spurs Confusion, Gartner Says-Too Many Clouds-Too Little Time (2008), http://www.computerworld.com/s/article/print/9115904/Cloud_computing_hype_spurs_confusion_Gartner_says (June 1, 2012) (retrieved)
Mell, P., Grance, T.: The NIST Definition of Cloud Computing (2011), http://csrc.nist.gov/groups/SNS/cloud-computing/index.html (June 1, 2012) (retrieved)
Buyya, R., Yeo, C.S., Venugopal, S., Broberg, J., Brandic, I.: Cloud Computing and Emerging IT Platforms: Vision, Hype, and Reality for Delivering Computing as the 5th Utility. Future Generation Computer Systems 25(6), 599–616 (2009)
Chakraborty, R., Ramireddy, S., Raghu, T.S., Raghav Rao, H.: The Information Assurance Practices of Cloud Computing Vendors. IEEE Computer Society IT Professional 12(4), 29–37 (2010)
Sandhu, R., Samarati, P.: Access Control: Principles and Practice. IEEE Communications Magazine, 40–48 (1994)
Sandhu, R., Munawer, Q.: How to do Discretionary Access Control Using Roles. In: Proceedings of the Third ACM Workshop on Role-Based Access Control, pp. 47–54 (1998)
Sandhu, R., Coyne, E.J., Feinstein, H.L., Youman, C.E.: Role-Based Access Control Models. IEEE Computer 29(2), 38–47 (1996)
Subashini, S., Kavitha, V.: A Survey on Security Issues in Service Delivery Models of Cloud Computing. Journal of Network and Computer Applications 34(1), 1–11 (2011)
Samar, V.: Single Sign-On Using Cookies for Web Applications. In: Proceedings of the IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises, pp. 158–163 (1999)
Marston, S., Li, Z., Bandyopadhyay, S., Zhang, J., Ghalsasi, A.: Cloud Computing ─ the Business Perspective. Decision Support Systems 51(1), 176–189 (2011)
The Open Group, Single Sign-On, http://www.opengroup.org/security/sso/ (June 1, 2012) (retrieved)
Nykänen, T.: Secure Cross-Platform Single Sign-On Solution for the World-Wide Web. Department of Computer Science and Engineering. Helsinki University of Technology (2002)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2014 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Wu, MY., Chang, SF., Wu, YJ. (2014). A Single Sign-On Mechanism with RBAC in Cloud Environment. In: Park, J., Chen, SC., Gil, JM., Yen, N. (eds) Multimedia and Ubiquitous Engineering. Lecture Notes in Electrical Engineering, vol 308. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-54900-7_46
Download citation
DOI: https://doi.org/10.1007/978-3-642-54900-7_46
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-54899-4
Online ISBN: 978-3-642-54900-7
eBook Packages: EngineeringEngineering (R0)