Providing EAP-based Kerberos pre-authentication and advanced authorization for network federations

Marin-Lopez, Rafael; Pereñíguez, Fernando; López, Gabriel; Pérez-Méndez, Alejandro

doi:10.1016/j.csi.2011.02.005

Cited by 11 publications

(1 citation statement)

References 13 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Thus, the usage of Kerberos has been limited to controlling the access of local users registered in the service's domain. Recently, some alternatives, such as FedKERB, PanaKERB, and EduKERB, have been proposed to obtain the benefits of Kerberos without deploying an alternative cross‐realm infrastructure, by using a more common and widely used federation substrate: the AAA‐based federation. However, these solutions add or inflict changes in several entities and require new amendments to standards and related implementations.…”

Section: Related Workmentioning

confidence: 99%

Integrating an AAA‐based federation mechanism for OpenStack—The CLASSe view

Méndez

Millán

López

et al. 2017

Concurrency and Computation

View full text Add to dashboard Cite

Identity federations enable users, service providers and identity providers from different organizations to exchange authentication and authorization information in a secure way. In this paper we present a novel identity federation architecture for cloud services based on the integration of a cloud identity management service with an Authentication, Authorization and Accounting (AAA) infrastructure. Specifically we analyse how this type of AAA-based federation can be smoothly integrated into OpenStack, the leading open source cloud software solution, using the IETF Application Bridging for Federated Access Beyond web (ABFAB) specification for authentication and authorization. We provide details of the implementation undertaken in GÉANT s CLASSe project, and show its validation in a real testbed.

show abstract

Section: Related Workmentioning

confidence: 99%