Cloud computing is computing in which large groups of remote servers are networked to allow scalable and on demand access to computing services or resources. This converged infrastructure enables shared services between a number of users. Cloud computing may be used to implement a variety of computational paradigms, such as virtual machines, jobs, remote procedure calls, traditional servers, etc.
Popular cloud computing architectures are stateless meaning that there is no record of previous interactions and each interaction request has to be handled based entirely on information that comes with it. For example, cloud systems EC2 or OpenStack use stateless design principle such as REST wherein client context is not stored in a server between requests.
In stateless architectures, each request contains an access credential usually in the form of a token. Thus, each request to an OpenStack service contains a token to authenticate and authorize a request.
Systems of using tokens in cloud computing as a way for a user to authenticate themselves against an application is known, for example, from US2014373126.
In stateless architecture, to obtain a token that will give a user access to a particular service, a user first authenticates themselves using an unscoped token and then requests a scoped token from a scoped token provider. If the authentication and the request for a scoped token is successful, the scoped token provider issues a scoped token to the user. The scoped token comprises capabilities which include role, permission, rules and conditions, expiry time, delegation capability, target endpoint or target resource. The scoped token enables the user to access protected resources by requesting a service or perform an operation using the scoped token, for example create a virtual machine.
For the scoped token provider to issue a scoped token to the user with the correct capabilities, the user needs to include in their request for a scoped token what capabilities are required for an operation of a service.
In many cases, it is difficult for a user to determine the exact scope required for a token, i.e. what access or credentials the user requires in order to use a service. This may result in an over-scoped token which comprises more capabilities than necessary for the service, thus the user would have access to other restricted resources. Thus, an over-scoped token is a security risk, and if misused, could result in malicious actions by users. As an example, in OpenStack a token is not bound to a particular service endpoint and as such the token is valid for several service endpoints giving a user access to more service endpoints than required.