Single Sign-On in Cloud Federation using CloudSim

Abstract

Single Sign-On (SSO) is an authentication mechanism in which a Cloud Service Consumer (CSC) needs to be authenticated only once while accessing various services from multiple service providers, or when accessing multiple services from the same service provider. In the case of Cloud Federation, the consumers can get services from various Cloud Service Providers (CSPs) who are members of the federation, and SSO can be used to verify the legitimate users without requiring them to get authenticated with each service provider separately. CloudSim is a popular tool used for simulating various cloud computing scenarios. As of now, the simulator lacks effective user authentication and authorization methods with it. In this paper, we discuss the design and implementation of SSO mechanism in the Cloud Federation scenario using the CloudSim toolkit. We have used the Fully Hashed Menezes-Qu-Vanstone (FHMQV) protocol for the key exchange and the Symmetric Key Encryption technique AES-128 for encrypting the identity tokens. We give the workflow model for the proposed approach of SSO in the Cloud Federation and also, the execution time taken in the simulation for various Single Sign-On scenarios where the number of SSO required varies are also shown.