Secure Integration in the Cloud
A study explored how existing approaches to interacting across domain boundaries work together with cloud platforms. The focus was on the secure integration of common authentication solutions such as OAuth 2.0 or UMA. Novel product category related to cloud integration platforms (iPaaS) provides additional value to customers by integrating a diverse range of cloud services offered by third-parties. This way, the service providers of iPaaS deliver a cloud service that composes, integrates and reuses a range of different products and services offered by other providers or organisations. This concept assumes that the interactions, data-flows and service consumptions take place in a complex environment that spans across several domains. The resulting complexity, however, extends the attack surface and increases the security risk of these interactions. This is especially important to consider for cross-domain interactions, where the service provider may have access to broader range of user’s service than necessary to accomplish the task.
The paper that deals with the topic of secure integration in the cloud has been presented on 7th April, in the scope of ACM SAC 2016 conference. In this work we particularly considered the aspects of protocols, integration platforms, and security requirements in the case of the relevant building block of a typical integration platform.