Single Sign On architecture with dynamic tokens

Author

Satoh, Fumiko ; Itoh, Takayuki

Author_Institution

Tokyo Res. Lab., IBM Res. Lab., Kanagawa, Japan

fYear

2004

fDate

2004

Firstpage

197

Lastpage

200

Abstract

Single Sign On (SSO) is a useful technology that allows users to skip bothersome authentication processes during accesses to multiple services. It is particularly useful for services for mobile terminals because of their limited resources and interfaces. Some existing SSO mechanisms only verify static data such as IDs and passwords. However, we consider that it will be quite useful if they could deal with dynamic data. We propose a new SSO architecture that uses a "dynamic token" that describe dynamic data such as a payment history. The architecture introduces an additional server, named "Circulator", which distributes the latest token values to service providers. Accordingly, the providers can correctly verify the token values sent from clients. This paper proposes an efficient algorithm for Circulator to effectively visit the providers. The result of our experiment shows the efficiency of the algorithm.

Keywords

client-server systems; code division multiple access; message authentication; mobile computing; token networks; Circulator; Internet; SSO architecture; Single Sign On; client authentication system; dynamic data; dynamic token; mobile services; static data verification; Authentication; Certification; Credit cards; Digital signatures; History; Intrusion detection; Laboratories; Security; Service oriented architecture; Web and internet services;

fLanguage

English

Publisher

ieee

Conference_Titel

Applications and the Internet, 2004. Proceedings. 2004 International Symposium on

Print_ISBN

0-7695-2068-5

Type

conf

DOI

10.1109/SAINT.2004.1266116

Filename

1266116