Increasing availability and security of an authentication service

Authentication, the process by which one satisfies another about one´s claim of identity, is typically provided by an authentication server via an authentication protocol. Compromise of the authentication service can lead to the compromise of the whole system, and the service is a performance bottleneck because many activities cannot proceed unless the identities of concerned parties can be satisfactorily established. Therefore, a desirable authentication service should be both highly secure and highly available. A general solution in which the authentication server is replicated so that a minority of malicious and colluding servers cannot compromise security or disrupt service is proposed. Some unusual features of such a distributed authentication service, including the tradeoff between availability and security, are discussed. Such a distributed service is also useful when clients cannot identify or agree upon trusted servers prior to authentication. For example, in some cooperative or federated systems, clients simply cannot all trust the same set of servers