DAuth—Delegated Authorization Framework for Secured Serverless Cloud Computing

Serverless computing which is known as Function as a service becomes a new form of cloud computing. In recent days it enables the components of cloud applications to run on multiple servers in order to provide various functionalities. However, the performance of such applications depends on various modules including the control mechanism of the application. There is a significant reduction in the response time and the ensuing operating costs as the functions are consumed based on need. The most common authorization standards used in Cloud Computing Services nowadays are Open Authorization (commonly referred to as OAuth), OpenID and Security Assertion Markup language. But, the above identity management mechanisms cause additional security vulnerabilities because of their open nature of identity federation. In order to eliminate such vulnerabilities, we have proposed in this paper a novel access named D-Auth which provides both authentication and authorization for serverless computing by introducing Server based with OTP and token authentication in serverless platform by generating D-Auth Tokens and cross sectional Comparative analysis is done between existing and proposed solution to validate the improvement in the protection of Identity management. It considerably reduces security threads by offloading the Identity management to in-premise servers. It enables the organization to implement their own security policies depending on their requirements.