Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns
| Title | Federated Access Control in Heterogeneous Intercloud Environment: Basic Models and Architecture Patterns |
| Publication Type | Conference Paper |
| Year of Publication | 2014 |
| Authors | Demchenko, Y., Canh Ngo, De Laat, C., Lee, C. |
| Conference Name | Cloud Engineering (IC2E), 2014 IEEE International Conference on |
| Date Published | March |
| Keywords | architecture patterns, authorisation, authorisation infrastructure, Authorization, cloud based services, cloud computing, cloud service broker, CSB, customer campus, customer-side federation, distributed federated multidomain authentication, dynamic trust relations, enterprise infrastructure, federated access control model, federated identity management model, federated identity management scenarios, FIDM model, heterogeneous intercloud environment, heterogeneous multiprovider intercloud environment, heterogeneous multiprovider multicloud environment, ICAF, ICFF, integration issue, intercloud architecture framework, intercloud federation framework, intercloud federation scenarios, interoperability issue, on-demand multiprovider multidomain heterogeneous cloud infrastructure services, operating systems (computers), outsourcing, provider-side federation, resource brokering, resource outsourcing, software architecture, Trusted Computing, trusted third party entities |
| Abstract | This paper presents on-going research to define the basic models and architecture patterns for federated access control in heterogeneous (multi-provider) multi-cloud and inter-cloud environment. The proposed research contributes to the further definition of Intercloud Federation Framework (ICFF) which is a part of the general Intercloud Architecture Framework (ICAF) proposed by authors in earlier works. ICFF attempts to address the interoperability and integration issues in provisioning on-demand multi-provider multi-domain heterogeneous cloud infrastructure services. The paper describes the major inter-cloud federation scenarios that in general involve two types of federations: customer-side federation that includes federation between cloud based services and customer campus or enterprise infrastructure, and provider-side federation that is created by a group of cloud providers to outsource or broker their resources when provisioning services to customers. The proposed federated access control model uses Federated Identity Management (FIDM) model that can be also supported by the trusted third party entities such as Cloud Service Broker (CSB) and/or trust broker to establish dynamic trust relations between entities without previously existing trust. The research analyses different federated identity management scenarios, defines the basic architecture patterns and the main components of the distributed federated multi-domain Authentication and Authorisation infrastructure. |
| DOI | 10.1109/IC2E.2014.84 |
| Citation Key | 6903508 |
- on-demand multiprovider multidomain heterogeneous cloud infrastructure services
- heterogeneous multiprovider multicloud environment
- ICAF
- ICFF
- integration issue
- intercloud architecture framework
- intercloud federation framework
- intercloud federation scenarios
- interoperability issue
- heterogeneous multiprovider intercloud environment
- operating systems (computers)
- outsourcing
- provider-side federation
- resource brokering
- resource outsourcing
- Software Architecture
- Trusted Computing
- trusted third party entities
- customer-side federation
- authorisation
- authorisation infrastructure
- authorization
- cloud based services
- Cloud Computing
- cloud service broker
- CSB
- customer campus
- architecture patterns
- distributed federated multidomain authentication
- dynamic trust relations
- enterprise infrastructure
- federated access control model
- federated identity management model
- federated identity management scenarios
- FIDM model
- heterogeneous intercloud environment