Authors: Anant V. Nimkar; Soumya K. Ghosh
Addresses: Department of Computer Engineering, Sardar Patel Institute of Technology, Mumbai, India ' Department of Computer Science and Engineering, Indian Institute of Technology, Kharagpur, India
Abstract: Cloud federation provides computing services of internal and external cloud providers. These computing services (e.g., virtual resources or services etc.) are collectively owned, accessed and controlled by one or more federating participants like user, broker, cloud providers, service provider etc. Thus, subjects are subsets of federating participants for use, execution, deployment and management of computing services. Each such subject must be authenticated before authorisation of computing services. Identity management solutions cannot address authentication of subjects comprising of more than two federating participants. In this paper, we propose a protocol for authentication (called as caucus authentication protocol) of subjects as a subset of one or more federating participants using a variant of multi-party computation (MPC). Theoretical study attempts to prove liveness and safety properties of proposed caucus authentication protocol (CAP) for the validation of dead-lock-free communication. The simulation results show that the protocol provides authentication of subjects in acceptable response time.
Keywords: mandatory access control; MAC; discretionary access control; DAC; multi-party computation; MPC; IaaS; SaaS; cloud; federation; authentication; security; access control.
International Journal of Trust Management in Computing and Communications, 2018 Vol.4 No.2, pp.111 - 131
Received: 09 Dec 2017
Accepted: 05 Apr 2018
Published online: 12 Oct 2018 *