[Cloud Computing]Mechanisms: Single Sign-On
来源:互联网 发布:linux svn 编辑:程序博客网 时间:2024/06/04 08:11
Single Sign-On
Propagating the authentication and authorization information for a cloud service consumer across multiple cloud services can be a challenge, especially if multiple cloud services or cloud-based IT resources need to be invoked as part of the same overall runtime activity. The single sign-on (SSO) mechanism enables one cloud service consumer to be authenticated by a security broker, which establishes a security context that is persisted while the cloud service consumer accesses other cloud services or cloud-based IT resources. Otherwise, the service consumer would need to re-authenticate itself with every subsequent request.
An advantage to the SSO mechanism is how it enables mutually independent services and IT resources to generate and circulate runtime authentication and authorization credentials. The credentials initially provided by the cloud consumer remain valid for the duration of the user's session, while its security context information is shared with the other IT resources. The SSO mechanism's security broker is especially useful when a cloud consumer needs to access cloud services residing on different clouds (Figure 1).
Figure 1 - A cloud service consumer provides the security broker with login credentials (1). The security broker responds with an authentication token (message with small lock symbol) upon successful authentication, which contains cloud service consumer identity information (2) that is used to automatically authenticate the cloud service consumer by Cloud Services A, B, and C (3).
Related Patterns:
- Cloud Resource Access Control
- [Cloud Computing]Mechanisms: Single Sign-On
- [Cloud Computing]Mechanisms: Certificate
- [Cloud Computing]Mechanisms: Encryption
- [Cloud Computing]Mechanisms: Geotag
- [Cloud Computing]Mechanisms: Honeypot
- [Cloud Computing]Mechanisms: Hypervisor
- [Cloud Computing]Mechanisms: Sandbox
- [Cloud Computing]Mechanisms: Attestation Service
- [Cloud Computing]Mechanisms: Attribute Authority
- [Cloud Computing]Mechanisms: Audit Monitor
- [Cloud Computing]Mechanisms: Certificate Authority
- [Cloud Computing]Mechanisms: Data Transport
- [Cloud Computing]Mechanisms: Digital Signature
- [Cloud Computing]Mechanisms: Failover System
- [Cloud Computing]Mechanisms: Load Balancer
- [Cloud Computing]Mechanisms: LUN Masking
- [Cloud Computing]Mechanisms: Malware Hash
- [Cloud Computing]Mechanisms: Orchestration Engine
- MyEclipse/Eclipse 打包项目没引入第三方jar解决办法
- nyoj32 组合数
- Swiper 插件
- hdu1873 看病要排队(队列+优先级)
- HDOJ 1896 Stones【优先队列】
- [Cloud Computing]Mechanisms: Single Sign-On
- 开灯问题
- [2016/7/26][usaco 2.2]Party Lamps
- Android 6.0及以上权限处理
- 现在给你一个16进制的加减法的表达式,要求用8进制输出表达式的结果。
- POJ 1001 高精度乘法
- JQuery移除事件
- 重建二叉树
- http协议详解