INTRODUCTION: The basis for security in the cloud or on thelocal network is formed by authentication. Management of Identity in Corporatehave been a difficult task, and for exchanging resources across organisationallines several business groups have been grouped. Another layer of complexity isadded by private, public and hybrid.Security Assertion Mark-up Language (SAML used to differentiateidentity provider and service provider which is in open data format at standard form for interchanging authentication and authorization.Authentication is used in network access security.
IT resources have beenadministrated by authentication by using one-time password and USB sticks. Usersare helped by cloud service providers to access their information throughInternet. Identity management (IDM) is used in to authenticate user andservice.
ACCESS CONTROL IN CLOUD COMPUTING:5) USER BASED AUTHENTICATION:In authentication login one’s id and password that one storedin system repository that are used by user are validated under credentials.6) SMART CARD BASED AUTHENTICATIONS:This is storage of data which is cryptographic as this isthe second factor of authentication7) BIOMETRICS:In this the user has to give some input such as user id,retina scan or thumbprint. This is used for safeguarding the top confidentialfiles which is strong and third party in authentication. e.g.
: in military.8) GRID BASED AUTHENTICATION:This is provided by entrust identity guard which is a secondfactor authentication.9) KNOWLEDGE BASED AUTHENTICATION:An additional confidence in user’s identity is provided toface the challenge attacker.
The providers can ask to the user about informationwhich is appropriate to confirm data about user. 10) MACHINE AUTHENTICATION: This is one of the efficientmethod in which account can be accessed by the users from regular machines byallowing the authentication in strong way.11) ONE TIME PASSWORD: (OTP)This type is works very dynamically where the password canbe used only once so that the hacker can hack the password which cannot be usedanother time. OTP has two types: 1) Synchronous – in which token device issynchronizes.
02) Asynchronous – challenging device token.12) GLOBAL AUTHORIZATION:The security rules and policy here are globally declared. Thisis further divided in to Global and Local. E.g. Global –Membership ofOrganisation and for example of Local is Users whom are banned.
CONCLUSION:Authentication and Authorization is important for the largedistributed system like cloud. This term is useful for security issues to user andalso cloud providers for solving multiple issues. Research based on security problemis in process where we can find better resolve methods . Hence this paper willgive us so many ideas based on various methods and frameworks which are designedby researchers.