Abstract
Collaboration of the clouds has revolutionized the IT industry whereby different service providers can come together with an agreement to leverage the services from each other and make efficient use of various available resources. For such type of collaborations, there is different working environments with different authentication protocols. In heterogeneous domain, two major network authentication protocols such as X.509 and Kerberos 5 have been widely used. X.509 is asymmetric-based, whereas the Kerberos 4 is symmetric-based. Therefore, communication between these protocols was a challenging task. But with the emergence of Kerberos 5, the problem of communication between two domains have been resolved to a large extent as Kerberos 5 does support asymmetric encryption. Also, one of the ever existing issued in any domain is of the security. Each user needs to prove its identity before accessing any resources. This authentication phase in multiple domain environment becomes a biggest challenge. Another issue is of interoperability, which is strongly required to meet the user needs in the collaborative structure of clouds. The proposed model enables cross-domain mutual authentication between X.509 domain and Kerberos 5 domain using Elliptic Curve Cryptography(ECC) as well as Public Key Cryptography for Initial Authentication (PKINIT).
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
References
Di Martino, B., Cretella, G., Esposito, A.: Cloud portability and interoperability. In: Cloud Portability and Interoperability, pp. 1–14. Springer, Cham (2015)
Chokhani, S., Ford, W., Sabett, R., Merrill, C., Wu, S.: RFC 3647: Internet X.509 Public Key Infrastructure Certificate Policy and Certification Practices Framework (2003)
Neuman, C.: The Kerberos network authentication service (V5). RFC 4120. (July 2005)
Zhu, L.: Public key cryptography for initial authentication in kerberos (PKINIT). RFC 4556 (June 2006)
Rekaby, F., El-Aziz, A.A., Mahmood, M.A., Hefny, H.A.: Federated cloud computing security using forward-secure broadcast encryption HIBE. In: The Proceedings of 11th International Computer Engineering Conference (ICENCO), pp. 13–18 (2015)
Beltran, M., Calvo, M., Gonzalez, S.: Federated system-to-service authentication and authorization combining pufs and tokens. In: The Proceedings of 12th International Symposium on Reconfigurable Communication-centric Systems-on-Chip (ReCoSoC) (2017)
Chen, Q., Li, Z., Yu, S.: A cross-authentication model for heterogeneous domains in active networks. In: The Proceedings of IFIP International Conference on Network and Parallel Computing—Workshops, pp. 140–143. IEEE Computer Society (2007)
Yao, Y., Xingwei, W., Xiaoguang, S.: A cross heterogeneous domain authentication model based on PKI. In: The Proceedings of Fourth International Symposium on Parallel Architectures, Algorithms and Programming, 325–329. IEEE Computer Society (2011)
Marin-Lopez, R., Pereniguez, F., Lopez, G., Perez-Mendez, A.: Providing EAP-based Kerberos pre-authentication and advanced authorization for network federations. Comput. Stand. Interfaces Elsevier 33(2011), 494–504 (2011)
Esposito, C.: Interoperable, dynamic and privacy-preserving access control for cloud data storage when integrating heterogeneous organizations. J. Netw. Comput. Appl. 108, 124–136 (2018)
Singh, S.R., Khan, A.K., Singh, T.S.: A critical review on elliptic curve cryptography. In: The Proceedings of International Conference on Automatic Control and Dynamic Optimization Techniques (ICACDOT), pp. 13–18 (2016)
Gong, P., Qiu, F. J., Liu, M.: A new algorithm based on DES and ECC for CSCW. In: The Proceedings of 8th International Conference on Computer Supported Cooperative Work in Design, vol. 1, pp. 481–486 (2004)
Mushtaque, M.A.: Comparative analysis on different parameters of encryption algorithms for information security. Int. J. Comput. Sci. Eng. 4, 76–82 (2014)
Peng, L., Zong, R., Liu, S.: A new model for authentication and authorization across heterogeneous trust-domain. In: The Proceedings of International Conference on Computer Science and Software Engineering, pp. 789–792. IEEE Computer Society (2008)
Nagaraj, S., Raju, G.S.V.P., Srinadth, V.: Data encryption and authentication using public key approach. Procedia Computer Science, 126–132 (2015)
Agrawal, K., Gera, A.: Elliptic curve cryptography with hill cipher generation for secure text cryptosystem. Proc. Int. J. Comput. Appl. 106(1), 18–23 (2014)
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2020 Springer Nature Singapore Pte Ltd.
About this paper
Cite this paper
Gogna, M., Rama Krishna, C. (2020). Cross-Domain Authentication and Interoperability Scheme for Federated Cloud. In: Somani, A.K., Shekhawat, R.S., Mundra, A., Srivastava, S., Verma, V.K. (eds) Smart Systems and IoT: Innovations in Computing. Smart Innovation, Systems and Technologies, vol 141. Springer, Singapore. https://doi.org/10.1007/978-981-13-8406-6_43
Download citation
DOI: https://doi.org/10.1007/978-981-13-8406-6_43
Published:
Publisher Name: Springer, Singapore
Print ISBN: 978-981-13-8405-9
Online ISBN: 978-981-13-8406-6
eBook Packages: Intelligent Technologies and RoboticsIntelligent Technologies and Robotics (R0)