A Diversified Set Of Security Features For Xmpp Communication Systems Useful In Cloud Computing Federation

Nowadays, in the panorama of Cloud Computing, finding a right compromise between interactivity and security is not trivial at all. Currently, most of Cloud providers base their communication systems on the web service technology. The problem is that both Cloud architectures and services have started as simple but they are becoming increasingly complex. Consequently, web services are often inappropriate. Recently, many operators in both academia and industry are evaluating the eXtensible Messaging and Presence Protocol for the implementation of Cloud communication systems. In fact, the XMPP offers many advantages in term of real-time capabilities, efficient data distribution, service discovery, and inter-domain communication compared to web service technologies. Nevertheless, the protocol lacks of native security features. In this paper, we explore such security issues, discussing how they can be mitigated using both SAML/SASL Single Sign-On (SSO) and XEP 0027.