Automatic Authentication to Cloud-Based Services

We describe the concept of automatic authentication for cloud-based services via the use of a client-centric solution for small and medium enterprises (SMEs). In previous work we have introduced the Identity Management Machine (IdMM) which is designed to handle the interaction between a client's identity directory and various cloud identity management systems. We now further refine this machine by describing its interaction with various cloud authentication systems. The IdMM is designed to aid SMEs in their adoption or migration to cloud-based services. The system allows SMEs to store its confidential data on-premise, enhancing the client's control over the data. We further enhance the privacy related aspects of a client-to-cloud interaction via the introduction of obfuscated and partially obfuscated identities which allow SMEs to also choose the type of data being sent to a cloud service. Since the IdMM is a single sign-on system capable of automatic authentication the risk of phishing or other social engineering attacks is reduced as an individual user may not be aware of his or her credentials for a given cloud service.