Security Assertion Markup Language, which is an XML-based framework, has been developed to describe and exchange authorization and authentication information between on-line business partners. One of the major applications is used to achieve single sign-on through different cloud services. SAML has provided the basic assertion of security that allows the user to surf hybrid clouds of the enterprise. The identify provider, which in charge of the management of the user information, can help users access these services effortlessly. However, the user anonymity of SSO from different identify providers is still an open issue even in SAML 2.0. In this study, we propose a SSO architecture for hybrid cloud to achieve identity federation cross-IdP using SAML, which provide the user an enterprise-crossed, services-integrated, backward compatible, and anonymity-maintained environment.
展开▼
