Home // International Journal On Advances in Security, volume 6, numbers 3 and 4, 2013 // View article
Authors:
Antonio Celesti
Massimo Villari
Antonio Puliafito
Keywords: Cloud computing, federation, security, XMPP, SSO authentication, data encryption, digital signature
Abstract:
Nowadays, in the panorama of Cloud Computing, finding a right compromise between interactivity and security is not trivial at all. Currently, most of Cloud providers base their communication systems on the web service technology. The problem is that both Cloud architectures and services have started as simple but they are becoming increasingly complex. Consequently, web services are often inappropriate. Recently, many operators in both academia and industry are evaluating the eXtensible Messaging and Presence Protocol for the implementation of Cloud communication systems. In fact, the XMPP offers many advantages in term of real-time capabilities, efficient data distribution, service discovery, and inter-domain communication compared to web service technologies. Nevertheless, the protocol lacks of native security features. In this paper, we explore such security issues, discussing how they can be mitigated using both SAML/SASL Single Sign-On (SSO) and XEP 0027.
Pages: 99 to 110
Copyright: Copyright (c) to authors, 2013. Used with permission.
Publication date: December 31, 2013
Published in: journal
ISSN: 1942-2636