Single Sign-On Using Trusted Platforms

  • Conference paper
Information Security (ISC 2003)

Part of the book series: Lecture Notes in Computer Science (LNCS, volume 2851)

Abstract

At present, network users have to remember a username and a corresponding password for every service with which they are registered. One solution to the security and usability implications of this situation is Single Sign-On, whereby the user authenticates only once to an ‘Authentication Service Provider’ (ASP) and subsequently uses disparate Service Providers (SPs) without necessarily re-authenticating. The information about the user’s authentication status is handled between the ASP and the desired SP transparently to the user. This paper describes a method by which the end-user’s computing platform itself plays the role of the ASP. The platform has to be a Trusted Platform conforming to the Trusted Computing Platform Alliance (TCPA) specifications. The relevant TCPA architectural components and security services are described and associated threats are analysed.

Copyright information

© 2003 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Pashalidis, A., Mitchell, C.J. (2003). Single Sign-On Using Trusted Platforms. In: Boyd, C., Mao, W. (eds) Information Security. ISC 2003. Lecture Notes in Computer Science, vol 2851. Springer, Berlin, Heidelberg. https://doi.org/10.1007/10958513_5

  • DOI: https://doi.org/10.1007/10958513_5

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-20176-2

  • Online ISBN: 978-3-540-39981-0

  • eBook Packages: Springer Book Archive
