A Novel Distributed Authentication Framework for Single Sign-On Services

Author

Brasee, Kaleb ; Makki, S. Kami ; Zeadally, Sherali

Author_Institution

Dept. of Electr. Eng. & Comput. Sci., Univ. of Toledo, Toledo, OH

fYear

2008

fDate

11-13 June 2008

Firstpage

52

Lastpage

58

Abstract

In this paper we present a novel single sign-on scheme known as secure distributed single sign-on (SeDSSO). SeDSSO provides secure fault-tolerant authentication using threshold key encryption with a distributed authentication service. The authentication service consists of n total authentication servers utilizing a (t, n) threshold encryption scheme, where t distinct server-signed messages are required to generate a message signed by the service. SeDSSO provides secure portable identities by defining a two-factor identity that uses both a username/password and a unique USB device. The combination of a distributed authentication service and two-factor identities allows SeDSSO to securely authenticate users in any environment.

Keywords

Internet; cryptography; software fault tolerance; Internet; distributed authentication framework; fault-tolerant authentication; single sign-on services; threshold key encryption; Authentication; Computer networks; Computer security; Cryptography; Distributed computing; Fault tolerance; Information security; Internet; Network servers; Pervasive computing; Computer security; Distributed systems; SeDSSO; Single sign-on; Two-factor authentication;

fLanguage

English

Publisher

ieee

Conference_Titel

Sensor Networks, Ubiquitous and Trustworthy Computing, 2008. SUTC '08. IEEE International Conference on

Conference_Location

Taichung

Print_ISBN

978-0-7695-3158-8

Electronic_ISBN

978-0-7695-3158-8

Type

conf

DOI

10.1109/SUTC.2008.17

Filename

4545739