5 research outputs found
A JSON Token-Based Authentication and Access Management Schema for Cloud SaaS Applications
Cloud computing is significantly reshaping the computing industry built
around core concepts such as virtualization, processing power, connectivity and
elasticity to store and share IT resources via a broad network. It has emerged
as the key technology that unleashes the potency of Big Data, Internet of
Things, Mobile and Web Applications, and other related technologies, but it
also comes with its challenges - such as governance, security, and privacy.
This paper is focused on the security and privacy challenges of cloud computing
with specific reference to user authentication and access management for cloud
SaaS applications. The suggested model uses a framework that harnesses the
stateless and secure nature of JWT for client authentication and session
management. Furthermore, authorized access to protected cloud SaaS resources
have been efficiently managed. Accordingly, a Policy Match Gate (PMG) component
and a Policy Activity Monitor (PAM) component have been introduced. In
addition, other subcomponents such as a Policy Validation Unit (PVU) and a
Policy Proxy DB (PPDB) have also been established for optimized service
delivery. A theoretical analysis of the proposed model portrays a system that
is secure, lightweight and highly scalable for improved cloud resource security
and management.Comment: 6 Page
Strategies for Integrating the Internet of Things in Educational Institutions
The introduction of the Internet of Things (IoT) into educational institutions has necessitated the integration of IoT devices in the information technology (IT) infrastructural environment of educational institutions. Many IT leaders at educational institutions, however, lack strategies for integrating and deploying IoT devices in their institutions, which has resulted in numerous security breaches. The purpose of this study was to explore security strategies adopted by IT administrators to prevent data breaches resulting from the integration of IoT devices in their educational institutions. The diffusion of innovations theory served as the conceptual framework for this qualitative multiple case study. Eleven IT leaders in 11 public K–12 educational institutions, who had successfully integrated IoT in their educational institutions in the United States Midwest region, were interviewed. Thematic analysis was the data analysis strategy. The 3 major themes that emerged were (a) organizational breach prevention, (b) infrastructure management—external to IT, and (c) policy management—internal to IT. A key recommendation is for IT leaders to develop strategies to harness the efficiencies and stabilities that exist during the integration of IoT devices in their educational institutions. The implications for social change include the potential for securely transforming the delivery of education to students and ensuring the safety of academic personnel by identifying strategies that IT leaders can use to securely integrate IoT devices in educational settings