Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Abstract

Approaches to the provision of data analytics for businesses offer methods to analyse and model data, enabling informed decision making to improve business performance and profitability. Typically, analytics processing is an intensive task and the demand for business insight, on-demand, means that organisations make use of elastic cloud provisioned resources to host such services. However, within the shared domains of multi-tenant cloud computing, business data and models are exposed to greater security threats and compromised privacy, since an unauthorised user may be able to gain access to highly sensitive, consolidated business-critical information. Busi- ness analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from mul- tiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).
LanguageEnglish
Title of host publicationProceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018
PublisherIEEE Computer Society
Pages742-749
Number of pages8
ISBN (Electronic)9781538666142
ISBN (Print)9781538666142
DOIs
Publication statusPublished - 24 Jan 2019
Event20th IEEE International Conference on High Performance Computing and Communications - Exeter, United Kingdom
Duration: 28 Jun 201830 Jun 2018
Conference number: 20
http://cse.stfx.ca/~hpcc2018/ (Link to Conference Website)

Conference

Conference20th IEEE International Conference on High Performance Computing and Communications
Abbreviated titleHPCC-2018
CountryUnited Kingdom
CityExeter
Period28/06/1830/06/18
Internet address

Fingerprint

Authentication
Industry
Cloud computing
Profitability
Decision making
Processing

Cite this

Al-Aqrabi, H., & Hill, R. (2019). Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments. In Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018 (pp. 742-749). [HPCC-290] IEEE Computer Society. https://doi.org/10.1109/HPCC/SmartCity/DSS.2018.00127
Al-Aqrabi, Hussain ; Hill, Richard. / Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments. Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018. IEEE Computer Society, 2019. pp. 742-749
@inproceedings{120f8b9e8d2744098b28bd7d65274e20,
title = "Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments",
abstract = "Approaches to the provision of data analytics for businesses offer methods to analyse and model data, enabling informed decision making to improve business performance and profitability. Typically, analytics processing is an intensive task and the demand for business insight, on-demand, means that organisations make use of elastic cloud provisioned resources to host such services. However, within the shared domains of multi-tenant cloud computing, business data and models are exposed to greater security threats and compromised privacy, since an unauthorised user may be able to gain access to highly sensitive, consolidated business-critical information. Busi- ness analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from mul- tiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).",
keywords = "Analytics, Cloud computing, Internet of Things, Multiparty interactions, Security",
author = "Hussain Al-Aqrabi and Richard Hill",
year = "2019",
month = "1",
day = "24",
doi = "10.1109/HPCC/SmartCity/DSS.2018.00127",
language = "English",
isbn = "9781538666142",
pages = "742--749",
booktitle = "Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018",
publisher = "IEEE Computer Society",
address = "United States",

}

Al-Aqrabi, H & Hill, R 2019, Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments. in Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018., HPCC-290, IEEE Computer Society, pp. 742-749, 20th IEEE International Conference on High Performance Computing and Communications, Exeter, United Kingdom, 28/06/18. https://doi.org/10.1109/HPCC/SmartCity/DSS.2018.00127

Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments. / Al-Aqrabi, Hussain; Hill, Richard.

Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018. IEEE Computer Society, 2019. p. 742-749 HPCC-290.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments

AU - Al-Aqrabi, Hussain

AU - Hill, Richard

PY - 2019/1/24

Y1 - 2019/1/24

N2 - Approaches to the provision of data analytics for businesses offer methods to analyse and model data, enabling informed decision making to improve business performance and profitability. Typically, analytics processing is an intensive task and the demand for business insight, on-demand, means that organisations make use of elastic cloud provisioned resources to host such services. However, within the shared domains of multi-tenant cloud computing, business data and models are exposed to greater security threats and compromised privacy, since an unauthorised user may be able to gain access to highly sensitive, consolidated business-critical information. Busi- ness analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from mul- tiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).

AB - Approaches to the provision of data analytics for businesses offer methods to analyse and model data, enabling informed decision making to improve business performance and profitability. Typically, analytics processing is an intensive task and the demand for business insight, on-demand, means that organisations make use of elastic cloud provisioned resources to host such services. However, within the shared domains of multi-tenant cloud computing, business data and models are exposed to greater security threats and compromised privacy, since an unauthorised user may be able to gain access to highly sensitive, consolidated business-critical information. Busi- ness analytics processes are often composed from orchestrated, collaborating services, which are consumed by users from mul- tiple cloud systems (in different security realms), which need to be engaged dynamically at runtime. If heterogeneous cloud systems located in different security realms do not have direct authentication relationships, then it is a considerable technical challenge to enable secure collaboration. In order to address this security challenge, a new authentication framework is required to establish trust amongst business analytics service instances and users by distributing a common session secret to all participants of a session. We address this challenge by designing and implementing a secure multiparty authentication framework for dynamic interaction, for the scenario where members of different security realms express a need to access orchestrated services. This novel framework exploits the relationship of trust between session members in different security realms, to enable a user to obtain security credentials that access cloud resources in a remote realm. The mechanism assists cloud session users to authenticate their session membership, thereby improving the performance of authentication processes within multiparty sessions. We see applicability of this framework beyond multiple cloud infrastructure, to that of any scenario where multiple security realms has the potential to exist, such as the emerging Internet of Things (IoT).

KW - Analytics

KW - Cloud computing

KW - Internet of Things

KW - Multiparty interactions

KW - Security

UR - http://www.scopus.com/inward/record.url?scp=85062537510&partnerID=8YFLogxK

U2 - 10.1109/HPCC/SmartCity/DSS.2018.00127

DO - 10.1109/HPCC/SmartCity/DSS.2018.00127

M3 - Conference contribution

SN - 9781538666142

SP - 742

EP - 749

BT - Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018

PB - IEEE Computer Society

ER -

Al-Aqrabi H, Hill R. Dynamic Multiparty Authentication of Data Analytics Services within Cloud Environments. In Proceedings - 20th International Conference on High Performance Computing and Communications, 16th International Conference on Smart City and 4th International Conference on Data Science and Systems, HPCC/SmartCity/DSS 2018. IEEE Computer Society. 2019. p. 742-749. HPCC-290 https://doi.org/10.1109/HPCC/SmartCity/DSS.2018.00127