Architecture for Controlled Credential issuance Enhanced with Single Sign-On (ACCESSO)
نویسندگان
چکیده
As more than half of the EU Member States already have rolled out electronic identity cards (eIDs) [Le13], it seems to be a rewarding approach to investigate whether and how eIDs may be used for the purpose of controlling the log-on process for operating systems and similar local access control facilities. While this paper shows that all currently rolled out eIDs may be used for such access control purposes, our investigation also reveals that for some types of eIDs it is significantly harder to support this kind of use case.
منابع مشابه
An Efficient, Robust, and Secure SSO Architecture for Cloud Computing Implemented in a Service Oriented Architecture
Implementing Single Sign-On (SSO) in a Cloud space for a spectrum of services and applications is an interesting research avenue for scientific communities in the field of secure identity and access management for Cloud Computing. Using an SSO implementation, in the backend, users can navigate any or all of the supported applications or resources without the need to repeatedly provide credentia...
متن کاملSingle Sign on (sso) Mechanism Enhanced with Firewall Security in Multiple Service Provider
Single sign-on (SSO) is a new authentication mechanism that enables a legal user with a single credential to be authenticated by multiple service providers in a distributed computer network. Recently, Chang and Lee proposed a new SSO scheme and claimed its security by providing well-organized security arguments. To demonstrative that their scheme is actually insecure as it fails to meet credent...
متن کاملIdentity Credential Issuance with Trusted Computing
In a client-server environment that deals with multiple clients, there is a need to provide a mechanism on the server to manage the issuance of the client credentials for security authorization. Credentials created using a particular own platform identities and functions as an authentication credentials to authenticate the platform itself in a network communication. However, these credentials c...
متن کاملSimplifying Public Key Credential Management Through Online Certificate Authorities and PAM
The secure management of X509 certificates in heterogeneous computing environments has proven to be problematic for users and administrators working with Grid deployments. We present an architecture based on short lived X509 credentials issued by a MyProxy server functioning as an Online Certificate Authority, on the basis of initial user authentication via PAM (Pluggable Authentication Modules...
متن کاملCAS++: An Open Source Single Sign-On Solution for Secure e-Services
Business and recreational activities on the global communication infrastructure are increasingly based on the use of remote resources and services, and on the interaction between different, remotely located parties. On corporate networks as well as on the open Web, the huge number of resources and services often requires to multiple log-ons leading to credential proliferation and, potentially, ...
متن کامل