Single Sign-On Using Trusted Platforms
Authors
Abstract
Network users today have to remember one username/password pair for every service they are registered with. One solution to the security and usability implications of this situation is Single Sign-On, a mechanism by which the user authenticates only once to an entity termed the ‘Authentication Service Provider’ (ASP) and subsequently uses disparate Service Providers (SPs) without necessarily re-authenticating. The information about the user’s authentication status is handled between the ASP and the desired SP in a manner transparent to the user. This paper demonstrates a method by which the end-user’s computing platform itself plays the role of the ASP. The platform has to be a Trusted Platform conforming to the Trusted Computing Platform Alliance (TCPA) specifications. The relevant TCPA architectural components and security services are described and associated threats are analysed.
Similar resources
Proof of Concept Implementation of Trustworthy Mutual Attestation Architecture for True Single Sign-on
To overcome computer network issues, user credentials for security and management have been used for single sign-on solutions and they have apparently helped to boost the security and usability of credentials. For true single sign-on solutions, where trusted entities are assisted by trusted platform module in the client and server platforms, they need a module that plays the role of authenticat...
Daonity: An Experience on Enhancing Grid Security by Trusted Computing Technology
A critical problem for grid security is how to gain secure solution for Grid virtual organization (VO). In Grid practice at present, issues of VO security rely on non-distributed policy management and related PKI mechanism. A practical but difficult solution is to enforce fine granularity policy over distributed sites. The emerging Trusted Computing (TC) technologies offer great potential to im...
An Approach to Identity Management in Clouds without Trusted Third Parties
The management of sensitive data, including identity management (IDM), is an important problem in cloud computing, fundamental for authentication and fine-grained service access control. Our goal is creating an efficient and robust IDM solution that addresses critical issues in cloud computing. The proposed IDM scheme does not rely on trusted third parties (TTPs) or trusted dealers. The scheme ...
TrustFound: Towards a Formal Foundation for Model Checking Trusted Computing Platforms
Trusted computing relies on formally verified trusted computing platforms to achieve high security assurance. In practice, however, new platforms are often proposed without a comprehensive formal evaluation and explicitly defined underlying assumptions. In this work, we propose TRUSTFOUND, a formal foundation and framework for model checking trusted computing platforms. TRUSTFOUND includes a lo...
Single Attestation Image for a Trusted and Scalable Grid
Traditionally, Grid users are forced to trust the Grid platforms, but the users are not always regarded as trustworthy. This trust asymmetry hinders the commercializing of Grid resources. Trusted Grid is proposed to tackle this challenge by leveraging Trusted Computing (TC). However, the TC relies on a microcontroller Trusted Platform Modules (TPM) which has limited computing power and is doome...