Federation Establishment Between CLEVER Clouds Through a SAML SSO Authentication Profile

Celesti, Antonio; Tusa, Francesco; Villari, Massimo; Puliafito, Antonio

Home // International Journal On Advances in Internet Technology, volume 4, numbers 1 and 2, 2011 // View article

Federation Establishment Between CLEVER Clouds Through a SAML SSO Authentication Profile

Authors:
Antonio Celesti
Francesco Tusa
Massimo Villari
Antonio Puliafito

Keywords: Cloud Computing; Federation; Authentication; CLEVER; XMPP; SAML

Abstract:
Cross-Cloud federation implies the establishment of a trust context between cloud platforms acting on different administrative domains and located in different places. The main advantage of federation is that clouds can set interdomain communications so that they can benefit of new business opportunities such as the enlargement of their virtual resources capability. The process of federation set up can be schematized in three subsequent phases: Discovery, Match-Making, and Authentication. In this work, considering several clouds based on both the CLEVER architecture and a Cross-Cloud Federation Manager module, responsible for the accomplishment of the three phases, we focus on the authentication phase required for a secure interaction between different CLEVER domains. More specifically, we designed a SAML SSO profile for a generic three-tier cloud architecture, showing the way in which it can be applied in different CLEVER-based clouds for the establishment of trusted interdomain communications in order to ``lend'' and ``borrow'' virtualized resources.

Pages: 14 to 27

Publication date: September 15, 2011

Published in: journal

ISSN: 1942-2652