Besides a cool buzzword, what could an authentication token for the cloud possibly be?
Well, since human users mostly interact with cloud services through the "Universal Client", the Internet browser, this probably means that such a token scheme must be integrated with the browser in some way, right?
Because tokens are supposed to be secure, there should be a way to maintain token integrity even in the harsh open Internet environment; otherwise we may better stick to passwords forever!
Finally, we can't ignore that Mobile Phones have become the shortest path to the Internet.
Here follows a short list of what I see as desirable properties for a token scheme that could work for everything from bloggers to the NSA:
|SKS/KeyGen2 - Executive Level Presentation||http://webpki.org/papers/keygen2/sks-keygen2-exec-level-presentation.pdf|
|API Description (SKS)||http://openkeystore.googlecode.com/svn/trunk/resources/docs/sks-api-arch.pdf|
|Open Hardware Development Platform||TBD|
|SKS integration in a CPU||http://openkeystore.googlecode.com/svn/trunk/resources/docs/tee-se-combo.pdf|
|Open Software Project||http://code.google.com/p/openkeystore|
|Secure Key Store - Reference Implementation||Java source code|
|KeyGen2 XML Schema||XML Schema|
|JUnit KeyGen2 Output||JUnit Printout|
|Application Note: Remote Key Unlock||http://webpki.org/papers/keygen2/remote-key-unlock.pdf|
|Public Domain Invention Disclosure||http://openkeystore.googlecode.com/svn/trunk/resources/docs/Efficient-Provisioning-of-Complex-Structures-Over-Unsecured-Channels.pdf|