Identity federation broker for service cloud

Abstract

As the wide adoption of in-cloud services (e.g., software-as-a-service), some major identity related issues are brought up. For enterprises, it usually introduces additional cost and risk to manage identities in services. For service providers, typical pairwise identity federation solutions are not scalable to support single sign-on, service composition, etc. among services for large environment like service cloud. This paper proposes an identity federation broker that introduces a trusted third party as a trust broker to simplify the management of identity federation in a user centric manner. With this solution, the cost and risk of federated identity management for both enterprises and service providers could be significantly reduced. A detailed scenario implementation is given to demonstrate the feasibility of the solution. Moreover, the vulnerability analysis shows how the solution can resist the typical security attacks. © 2010 IEEE.