Abstract
At present, network users have to remember a username and a corresponding password for every service with which they are registered. One solution to the security and usability implications of this situation is Single Sign-On, whereby the user authenticates only once to an ‘Authentication Service Provider’ (ASP) and subsequently uses disparate Service Providers (SPs) without necessarily re-authenticating. The information about the user’s authentication status is handled between the ASP and the desired SP transparently to the user. This paper describes a method by which the end-user’s computing platform itself plays the role of the ASP. The platform has to be a Trusted Platform conforming to the Trusted Computing Platform Alliance (TCPA) specifications. The relevant TCPA architectural components and security services are described and associated threats are analysed.
Copyright information
© 2003 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pashalidis, A., Mitchell, C.J. (2003). Single Sign-On Using Trusted Platforms. In: Boyd, C., Mao, W. (eds) Information Security. ISC 2003. Lecture Notes in Computer Science, vol 2851. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10958513_5
DOI: https://doi.org/10.1007/10958513_5
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-20176-2
Online ISBN: 978-3-540-39981-0
eBook Packages: Springer Book Archive