The basis for security in the cloud or on the
local network is formed by authentication. Management of Identity in Corporate
have been a difficult task, and for exchanging resources across organisational
lines several business groups have been grouped. Another layer of complexity is
added by private, public and hybrid.
Security Assertion Mark-up Language (SAML used to differentiate
identity provider and service provider which is
in open data format at standard form for interchanging authentication and authorization.
Authentication is used in network access security. IT resources have been
administrated by authentication by using one-time password and USB sticks. Users
are helped by cloud service providers to access their information through
Internet. Identity management (IDM) is used in to authenticate user and
ACCESS CONTROL IN CLOUD COMPUTING:
5) USER BASED AUTHENTICATION:
In authentication login one’s id and password that one stored
in system repository that are used by user are validated under credentials.
6) SMART CARD BASED AUTHENTICATIONS:
This is storage of data which is cryptographic as this is
the second factor of authentication
In this the user has to give some input such as user id,
retina scan or thumbprint. This is used for safeguarding the top confidential
files which is strong and third party in authentication. e.g.: in military.
8) GRID BASED AUTHENTICATION:
This is provided by entrust identity guard which is a second
9) KNOWLEDGE BASED AUTHENTICATION:
An additional confidence in user’s identity is provided to
face the challenge attacker. The providers can ask to the user about information
which is appropriate to confirm data about user.
10) MACHINE AUTHENTICATION:
This is one of the efficient
method in which account can be accessed by the users from regular machines by
allowing the authentication in strong way.
11) ONE TIME PASSWORD: (OTP)
This type is works very dynamically where the password can
be used only once so that the hacker can hack the password which cannot be used
another time. OTP has two types: 1) Synchronous – in which token device is
synchronizes. 02) Asynchronous – challenging device token.
12) GLOBAL AUTHORIZATION:
The security rules and policy here are globally declared. This
is further divided in to Global and Local. E.g. Global –Membership of
Organisation and for example of Local is Users whom are banned.
Authentication and Authorization is important for the large
distributed system like cloud. This term is useful for security issues to user and
also cloud providers for solving multiple issues. Research based on security problem
is in process where we can find better resolve methods . Hence this paper will
give us so many ideas based on various methods and frameworks which are designed