The universal federator: A third-party authentication solution to federated cloud, edge, and fog

Cloud, Edge, and Fog computing provide computational services to different end users. A federation among these computing paradigms is beneficial, as it enhances the capability, capacity, coverage, and services of cloud, edge, and fog. An authentication method is needed to realize such a federation among cloud, edge, and fog so that a user belonging to one of these computing paradigms can use the services offered by other computing paradigms in the federation without creating a new account. This paper proposes a standard-compliant universal federator that transparently provides third-party authentication among different protocols, used by cloud, edge, and fog, such as 3GPP EPS-AKA, OpenID Connect (OIDC), and 802.1x. The federator provides transparency by using a controller and modules that act as virtual counterparts of the authentication entities in EPS-AKA, OIDC, and 802.1x. These virtual counterparts play multiple roles, depending upon the involved protocols. We deployed a testbed, published our implementation on GitHub, and tested third-party authentication for 16 scenarios across EPS-AKA, OIDC, and 802.1x. The results show that our federator successfully provides third-party authentication while taking 4.07–51.8% of the total authentication time, which ranges between 1.193–3.825 s for 16 scenarios. Some scenarios involving 802.1x take considerably longer due to the bottleneck caused by the 802.1x switch. We also conducted a security analysis to show that our proposed federator fulfills multiple security requirements.