An Optimized Single Sign-On Schema for Reliable Multi -Level Security Management in Clouds

Because of its irreplaceable facilities, Cloud computing is a widely-accepted technology in both industry and academy. On-demand services, flexible provisioning, a broad range of functionalities are some of the advantages of this trend. Being able to use diverse services from distinct providers encourages organizations and individuals to follow this tendency. On the other hand, this flexibility brings security threats as well, especially in the area of authorization and authentication. In this paper, a flexible and secure access control method is proposed that supports security-level based authorization technique. While attribute mapping approach makes access control easy by categorizing a diverse range of attributes and authentication methods (e.g. PKI, FIDO U2F, LoA, etc.), utilized multi-factor authentication design helps to keep security consistent. Moreover, reliability and distinction of the proposed model are evaluated by security and competitive analysis.