Authentication and authorization interface using security service level agreements for accessing cloud services

Abstract

Cloud computing is defined as delivering of computing resources as a service. Data security and access control are key components for any cloud service. The service level agreements are negotiated when service provider registers with an enterprise. This paper proposes an authentication and authorization interface to access a cloud service. Service selection is acquired via monitoring of security measures provided by a service provider through Security Service Level Agreements (Sec-SLAs). The enterprise and employee validation is performed through two level authentication mechanisms. Single sign on mechanisms for user and services makes the proposal more efficient. Features like denial of service, man in the middle attack and access control rights of employees are also handled. Security measures provided by service provider are handled by an enterprise, thereby, relieving the end user up to 20%-80% from the nitty-gritty of service providers in comparison to the approaches proposed in past, depending on application requirement. © 2012 Springer-Verlag.