research-article

Enhancing Cloud based Data Platforms for Smart Cities with Authentication and Authorization Features

Authors:

Philipp Lämmel,

Nikolay Tcholtchev,

Ina SchieferdeckerAuthors Info & Claims

UCC '17 Companion: Companion Proceedings of the10th International Conference on Utility and Cloud Computing

Pages 167 - 172

https://doi.org/10.1145/3147234.3148087

Published: 05 December 2017 Publication History

Get Access

Abstract

The protection and securing of data platforms and related services plays a major role in the development of safety critical infrastructure for Smart Cities. Therefore, this paper specifies and develops an Integerated Component for Cloud Services (ISCS) that enables secure and trusted access to data and related services in the cloud. That means that the ISCS controls and handles access-related aspects such as authentication, authorization and registration. Furthermore, it is deployed and used in a large scale research project, in which it secures cloud services relating to electric mobility. ISCS is realized using OAuth and OpenID, whereas both are implemented by existing open source libraries. OAuth is a standard allowing services and applications to access safety critical resources in the cloud using a trustworthy infrastructure. OpenID is a popular standard originating from the web community, facilitating cross-domain authentication for portal users. The combination of both standards provides rich functionality, covering substantial aspects related to cloud service protection and security.

References

[1]

2017. Definition of Open Data. http://opendefinition.org/. (2017). last accessed: October 3, 2017.

Google Scholar

[2]

2017. GeMo. https://www.gemo.fraunhofer.de/en.html. (2017). last accessed: October 3, 2017.

Google Scholar

[3]

2017. Hibernate. http://hibernate.org/. (2017). last accessed: October 3, 2017.

Google Scholar

[4]

2017. How Shibboleth Works: Basic Concepts. http://shibboleth.net/about/basic. html. (2017). last accessed: October 3, 2017.

Google Scholar

[5]

2017. Mozilla Persona. https://developer.mozilla.org/en-US/Persona. (2017). last accessed: October 3, 2017.

Google Scholar

[6]

2017. Online Community for the Security Assertion Markup Language (SAML) OASIS Standard. http://www.saml.xml.org. (2017). last accessed: October 3, 2017.

Google Scholar

[7]

2017. OpenID Authentication 2.0 - Final. http://openid.net/specs/openid-authentication-2_0.html. (2017). last accessed: October 3, 2017.

Google Scholar

[8]

2017. Security and Privacy Considerations for the OASIS Security Markup Language V2.0. http://docs.oasis-open.org/security/saml/v2.0/saml-sec-consider-2. 0-os.pdf. (2017). last accessed: October 3, 2017.

Google Scholar

[9]

2017. Shibboleth. http://shibboleth.net/. (2017). last accessed.

Google Scholar

[10]

Dorothy E Denning and Giovanni Maria Sacco. 1981. Timestamps in key distribution protocols. Commun. ACM 24, 8 (1981), 533--536.

Digital Library

Google Scholar

[11]

Benjamin Dittwald. 2012. Eine webbasierte Infrastruktur zur Speicherung und Abfrage von strukturierten offenen Daten. Master's thesis. Freie Universität Berlin.

Google Scholar

[12]

D. Hardt. 2012. The OAuth 2.0 Authorization Framework. RFC 6749 (Proposed Standard). (Oct. 2012). http://www.ietf.org/rfc/rfc6749.txt

Google Scholar

[13]

M. Indrawan-Santiago. 2012. Database Research: Are We at a Crossroad? Reflection on NoSQL. In Network-Based Information Systems (NBiS), 2012 15th International Conference on. 45--51.

Digital Library

Google Scholar

[14]

Evanela Lapi, Nikolay Tcholtchev, Louay Bassbouss, Florian Marienfeld, and Ina Schieferdecker. 2012. Identification and Utilization of Components for a Linked Open Data Platform. 2012 IEEE 36th Annual Computer Software and Applications Conference Workshops 0 (2012), 112--115.

Digital Library

Google Scholar

Cited By

View all

Almer LHoralek JSvoboda T(2024)Possibilities of Using Fuzz Testing in Smart Cities ApplicationsNature of Computation and Communication10.1007/978-3-031-59462-5_6(85-97)Online publication date: 3-May-2024
https://doi.org/10.1007/978-3-031-59462-5_6
Lindner RJaca CHernantes J(2023)Analysis of Standardization Activities for City Resilience From Research ProjectsInternational Journal of Standardization Research10.4018/IJSR.31833120:1(1-21)Online publication date: 16-Feb-2023
https://doi.org/10.4018/IJSR.318331
Gardner DTanenbaum T(2023)The access control double bind: How everyday interfaces regulate access and privacy, enable surveillance, and enforce identityConvergence: The International Journal of Research into New Media Technologies10.1177/1354856523119370630:3(1186-1218)Online publication date: 19-Aug-2023
https://doi.org/10.1177/13548565231193706
Show More Cited By

Index Terms

Enhancing Cloud based Data Platforms for Smart Cities with Authentication and Authorization Features
1. Computer systems organization
  1. Architectures
    1. Distributed architectures
      1. Cloud computing
2. Security and privacy
  1. Security services

Recommendations

X.509 Authentication and Authorization in Fermi Cloud
UCC '14: Proceedings of the 2014 IEEE/ACM 7th International Conference on Utility and Cloud Computing

We present a summary of how X.509 authentication and authorization are used with Open Nebula in Fermi Cloud. We also describe a history of why the X.509 authentication was needed in Fermi Cloud, and review X.509 authorization options, both internal and ...
OAuth and ABE based authorization in semi-trusted cloud computing: aauth
DataCloud-SC '11: Proceedings of the second international workshop on Data intensive computing in the clouds

In cloud computing, inter-operations between data-storage and web-application providers can protect users from locking their data and applications into a single cloud provider. Currently, web-based access control standards are applicable only when data ...
A Framework for Authentication and Authorization Credentials in Cloud Computing
TRUSTCOM '13: Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications

Security is a key concern when adopting cloud technology. Cloud solutions include not only issues inherited from related technologies, such as virtualization and distributed computing, but also new concerns associated to complexity of the cloud ...

Comments

Please enable JavaScript to view thecomments powered by Disqus.

Information & Contributors

Information

Published In

UCC '17 Companion: Companion Proceedings of the10th International Conference on Utility and Cloud Computing

December 2017

252 pages

ISBN:9781450351959

DOI:10.1145/3147234

General Chairs:
Ashiq Anjum
University of Derby, UK
,
Alan Sill
Texas Tech University, USA
,
Program Chairs:
Geoffrey Fox
Indiana University, USA
,
Yong Chen
Texas Tech University, USA

Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than the author(s) must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected].

Publisher

Association for Computing Machinery

New York, NY, United States

Publication History

Published: 05 December 2017

Permissions

Request permissions for this article.

Request Permissions

Check for updates

Author Tags

Qualifiers

Research-article

Conference

UCC '17

Sponsor:

SIGARCH
IEEE TCSC

UCC '17: 10th International Conference on Utility and Cloud Computing

December 5 - 8, 2017

Texas, Austin, USA

Acceptance Rates

Overall Acceptance Rate 38 of 125 submissions, 30%

Contributors

Other Metrics

View Article Metrics

Bibliometrics & Citations

Bibliometrics

Article Metrics

6
Total Citations
View Citations
187
Total Downloads

Downloads (Last 12 months)5
Downloads (Last 6 weeks)0

Reflects downloads up to 20 Dec 2024

Other Metrics

View Author Metrics

Citations

Cited By

View all

Almer LHoralek JSvoboda T(2024)Possibilities of Using Fuzz Testing in Smart Cities ApplicationsNature of Computation and Communication10.1007/978-3-031-59462-5_6(85-97)Online publication date: 3-May-2024
https://doi.org/10.1007/978-3-031-59462-5_6
Lindner RJaca CHernantes J(2023)Analysis of Standardization Activities for City Resilience From Research ProjectsInternational Journal of Standardization Research10.4018/IJSR.31833120:1(1-21)Online publication date: 16-Feb-2023
https://doi.org/10.4018/IJSR.318331
Gardner DTanenbaum T(2023)The access control double bind: How everyday interfaces regulate access and privacy, enable surveillance, and enforce identityConvergence: The International Journal of Research into New Media Technologies10.1177/1354856523119370630:3(1186-1218)Online publication date: 19-Aug-2023
https://doi.org/10.1177/13548565231193706
Sancho JGarcía JAlesanco Á(2021)Authorizing Third-Party Applications Served through Messaging PlatformsSensors10.3390/s2117571621:17(5716)Online publication date: 25-Aug-2021
https://doi.org/10.3390/s21175716
Sasaki TMorita YJada A(2019)Access Control Architecture for Smart City IoT Platform2019 18th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/13th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE)10.1109/TrustCom/BigDataSE.2019.00102(717-722)Online publication date: Aug-2019
https://doi.org/10.1109/TrustCom/BigDataSE.2019.00102
Chaturvedi KMatheus ANguyen SKolbe T(2019)Securing Spatial Data Infrastructures for Distributed Smart City applications and servicesFuture Generation Computer Systems10.1016/j.future.2019.07.002101:C(723-736)Online publication date: 1-Dec-2019
https://dl.acm.org/doi/10.1016/j.future.2019.07.002

View Options

Login options

Check if you have access through your login credentials or your institution to get full access on this article.

Cited By

Index Terms

Recommendations

X.509 Authentication and Authorization in Fermi Cloud

OAuth and ABE based authorization in semi-trusted cloud computing: aauth

A Framework for Authentication and Authorization Credentials in Cloud Computing