90 likes | 215 Views
Authentication & Authorization : Security and Integrity in the Cloud. Desmond White Tierre.dw@gmail.com July 3, 2014. Authorization & Authentication. Access rights to resources related to information security applied to computing devices and computer networks.
E N D
Authentication & Authorization: Security and Integrity in the Cloud Desmond White Tierre.dw@gmail.com July 3, 2014
Authorization & Authentication • Access rights to resources related to information security applied to computing devices and computer networks. • Confirming the identity of the individual attempting to gain access.
Authentication vs. Authorization • Occasionally, both terms are paired so that the server has an idea of who the individual is. • Some types authentication required to be authorized are password, proof of identity, digital signature and recorded facial traits. • Authentication is the first line of defense while authorization is the second, however, authentication is the most important in open and trusted networks.
Grid & Cloud Computing • Grid computing would be the parent of cloud computing. It is computer resources that are shared with every other computer in the same network or system. • Cloud computing is defined as a computer network that in which a server or servers are connected through the internet, local area network or wide area network.
Authorization in the Grid • In Globus toolkit, authorization is accomplished by accessing a grid-mapfile. • DN’s that have been authenticated and have been assigned a local account are authorized to use the different resources assigned to the account. • Not all resources are given to distinguished users in the grid-mapfile. Further authorization must be implemented in order to gain access. • This method is also applied in cloud computing.
Attribute – based Authorization Push Mode Pull mode
Key components • Service models • Software as a Service (SaaS) • Platform as a Service (Paas) • Infratructure as a Service (Iaas) • Cloud deployment models • Public • Community • Private • Hybrid
Further Research • Encryption: Relation it has to authentication and authorization. • Other authentication methods • Authentication Java Program
References • "Understanding Authentication, Authorization, and Encryption." TechWeb RSS. N.p., n.d. Web. 30 June 2014. • "Authorization Strategies for Virtualized Environments." Authorization Strategies for Virtualized Environments in Grid Computing Systems ∗ (n.d.): n. pag. Web. • "The 4 A's of Cloud Identity: Authentication, Authorization, Account Management & Audit Logging." 4 A's of Cloud Identity. N.p., n.d. Web. 02 July 2014.