Explain Identity Protocol Standards with examples?

APJ ABDUL KALAM TECHNOLOGICAL UNIVERSITY
THIRD SEMESTER MCA DEGREE EXAMINATION, JULY 2018

Course Code: RLMCA381
Course Name: CLOUD COMPUTING

Identity Protocol Standards define how identity information is exchanged between parties.

  • Many protocols that provide identity services form the basis to create interoperability among services.
  • Commonly used Identity protocol standards:
  1. OpenID
  2. XACML and SAML
  3. OAuth

OpenID

  • OpenID 2.0 is the standard associated with creating an identity and having a third-party service authenticate its use.
  • It is the key to creating Single Sign-On (SSO) systems.
  • OpenID doesn’t specify the means for authentication of an identity; a particular system should execute the authentication process.
  • Authentication can be by a Challenge and Response Protocol (CHAP), through a smart card, or through a biometric measurement.
  • In OpenID, the authentication procedure has the following steps:
  1. The end-user uses a program like a browser that is called a user agent to enter an OpenID identifier.
  2. The OpenID is presented to a service that provides access to the resource that is desired.
  3. An entity called a relying party queries the OpenID identity provider to authenticate the accuracy of the OpenID credentials.
  4. The authentication is sent back to the relying party from the identity provider and access is either provided or denied.

XACML and SAML

  • The second protocol used is a set of authorization markup languages that create files in the form of XACML and SAML.

    - SAML (Security Assertion Markup Language)
    - XACML (eXtensible Access Control Markup Language)

  • SAML is a standard for passing authentication and authorization between an identity provider and the service provider.
  • The Security Assertion Markup Language (SAML) standard enables the secure exchange of authentication and authorization information between security domains.
  • Taken as a unit, OpenID and SAML are used as the standard authentication mechanism for clients accessing cloud services.
  • It is particularly important for services such as mashups that draw information from two or more data services.

OAuth

  • An open standard called OAuth provides a token service that can be used to present validated access to resources.
  • The use of OAuth tokens allows clients to present credentials that contain no account information (userID or password) to a cloud service.
  • The token comes with a defined period after which it can no longer be used.
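
The OAuth points above, as an added illustration that is not part of the original notes: a hypothetical in-memory `TokenService` issues a random token that carries no account information, keeps the account, scope and expiry on the server side, and denies access once the defined period has passed. The class name, the opaque token format and the sample account are assumptions; OAuth itself does not mandate this token format.

```python
import hashlib
import secrets
import time


class TokenService:
    """Toy authorization server issuing opaque, expiring access tokens."""

    def __init__(self, lifetime_seconds=3600, clock=time.time):
        self.lifetime = lifetime_seconds
        self.clock = clock
        self._grants = {}  # sha256(token) -> (account, scope, expires_at)

    @staticmethod
    def _digest(token):
        # Store only a hash, so a leaked grant table does not leak usable tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, account, scope):
        token = secrets.token_urlsafe(32)  # random bytes only: no userID, no password
        expires_at = self.clock() + self.lifetime
        self._grants[self._digest(token)] = (account, scope, expires_at)
        return token

    def validate(self, token, required_scope):
        """Return the account the token stands for, or None if access is denied."""
        key = self._digest(token)
        grant = self._grants.get(key)
        if grant is None:
            return None  # unknown or forged token
        account, scope, expires_at = grant
        if self.clock() >= expires_at:
            del self._grants[key]  # the defined period is over
            return None
        if scope != required_scope:
            return None  # token is valid, but not for this resource
        return account


def demo():
    now = [1000.0]  # constructed clock so that expiry can be shown without waiting
    service = TokenService(lifetime_seconds=60, clock=lambda: now[0])
    token = service.issue("alice@example.com", "photos.read")  # constructed sample values
    results = ["alice@example.com" not in token,
               service.validate(token, "photos.read"),
               service.validate(token, "photos.write")]
    now[0] += 61  # move past the token lifetime
    results.append(service.validate(token, "photos.read"))
    return results
```
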

Windows Azure Identity Standards

  • The Windows Azure Platform uses a claims-based identity based on open authentication and access protocols.
  • These standards may be used without modification on a system that is running in the cloud or on-premises.
  • Windows Azure security draws on the following three services:
  1. Active Directory Federation Services 2.0
  2. Windows Azure AppFabric Access Control Service
  3. Windows Identity Foundation (WIF)
