دانلود رایگان مقاله لاتین شکست امنیتی سرویس ابری از سایت الزویر


عنوان فارسی مقاله:

ارزیابی شکست امنیتی SSO در سرویسهای ابری


عنوان انگلیسی مقاله:

Evaluating single sign-on security failure in cloud services


سال انتشار :2016



برای دانلود رایگان مقاله شکست امنیتی سرویس ابری اینجا کلیک نمایید.





بخشی از مقاله انگلیسی:


2. Cloud identity management system

 In this section we discuss popular identity management technologies and solutions that allow end users to manage their personal attributes required for accessing certain services. These approaches highlight benefits of each in regards to the cloud identity system access. A general view of the cloud identity management system and processisshown in Figure 1. The federation establishment requires that providers exchange metadata; such metadata contains identifiers, public key certificates, and service attributes. These are used for the location and secure communication between providers’ services. This decoupling between providers enables identity providers to support many service providers in a distributed fashion, and also to focus on managing identities, accessing control policies, and issuing security tokens. OpenID as a part of the SSO today is commonly used between cloud service providers. OpenID 2.0 is a security assertion markup language (SAML) protocol determined by the same necessities for web space and web SSO, but the design goal is different. In particular, the main idea of OpenID is that a user can authenticate via URL and subsequently exhibit their preferred OpenID provider. OAuth defines a protocol in order for clients to access server resources on behalf of a resource owner. This provides a means for end users to authorize third-party access to their server resources without sharing their credentials. Windows CardSpace–—also known by its codename, InfoCard–—is the Microsoft client or identity selector for the identity metasystem, a system connecting multiple identity systems within one interface. Taking into consideration that end users may have different identities depending on the context in which they are interacting, the challenge of this approach is to allow end users to create, use, and manage their diverse digital identities in an understandable and effective way. The idea behind Windows CardSpace is that end users could manage their digital identities, along with their related attributes, in a way similar to how they manage their cards in their wallets.



برای دانلود رایگان مقاله شکست امنیتی سرویس ابری اینجا کلیک نمایید.






کلمات کلیدی:

Evaluating Single Sign-On Security Failure in Cloud Services Solution ... https://www.thecasesolutions.com › Operations Management Case Studies Nov 15, 2016 - Evaluating Single Sign-On Security Failure in Cloud Services Case Solution. facebook twitter google_plus mail ... [PDF]Security for Cloud Computing - Cloud Standards Customer Council www.cloud-council.org/.../CSCC-Security-for-Cloud-Computing-10-Steps-to-Ensure-... Failure to ensure appropriate security protection when using cloud services could ..... Question to cloud provider: Do you offer single-sign-on for access across. 5.2 Identity Management - User Authentication in the Cloud | NIST https://www.nist.gov/itl/52-identity-management-user-authentication-cloud Nov 2, 2010 - Actors: cloud-subscriber, cloud-subscriber-user, cloud-provider, ... should be able to transparently log in to the cloud application/service once they are ... Failure Condition/Failure Handling: trust relationship among ... Credit: Cloud Security Alliance's Guidance for Identity and Access Management, V2.1. What is single sign-on (SSO)? - Definition from WhatIs.com searchsecurity.techtarget.com › SSO and federated identity › Network security Jun 21, 2016 - Single sign-on (SSO) is a session and user authentication service that permits a user ... Explore whether enterprises should attempt SSO again after a failed implementation · See if cloud single sign-on increases security risks ... Cloud computing security - Wikipedia https://en.wikipedia.org/wiki/Cloud_computing_security Cloud computing security or, more simply, cloud security refers to a broad set of policies, ... Much like a warning sign on a fence or a property, deterrent controls typically .... simulating a major Internet or electricity supply failure for instance. Log ...