Title: Secure single sign-on authentication using eIDs across public clouds
Authors: Bernd Zwattendorfer; Arne Tauber
Addresses: E-Government Innovation Center (EGIZ), Graz University of Technology, Graz, Austria; E-Government Innovation Center (EGIZ), Graz University of Technology, Graz, Austria
Abstract: Most cloud computing service providers secure their offered cloud services by username/password schemes, which have been proven to be weak. While such schemes may be sufficient for simple personalised services, e-government or e-health applications in the cloud require more reliable and stronger mechanisms. One such mechanism is electronic IDs (eIDs), which allow for unique qualified identification and strong authentication. eIDs have been rolled out in many EU member states for years. In this paper, we present how various national eIDs can be used for secure cloud authentication. We therefore extended the STORK eID interoperability framework, which will be the relevant identification and authentication framework across Europe in future. Furthermore, we increased usability by additionally applying single sign-on (SSO). Single sign-on defines the ability to authenticate just once in a distributed environment and gain access to several protected services. In fact, with our extended STORK architecture, citizens of 18 EU member states - those member states that support STORK - are able to use seamless authentication at different cloud service providers by using their own national eID.
Keywords: cloud computing; public clouds; electronic identification; eID; SSO authentication; STORK; single-sign-on; cloud security; interoperability; EU member states; European Union.
DOI: 10.1504/IJITST.2014.068708
International Journal of Internet Technology and Secured Transactions, 2014 Vol.5 No.4, pp.291 - 306
Received: 28 Dec 2013
Accepted: 26 Jun 2014
Published online: 22 Apr 2015