Abstract
CorSSO is a distributed service for authentication in networks. It allows application servers to delegate client identity checking to combinations of authentication servers that reside in separate administrative domains. CorSSO authentication policies enable the system to tolerate expected classes of attacks and failures. A novel partitioning of the work associated with authentication of principals means that the system scales well with increases in the numbers of users and services.
This work is supported in part by ARPA/RADC grant F30602-96-1-0317, AFOSR grant F49620-03-1-0156, Defense Advanced Research Projects Agency (DARPA) and Air Force Research Laboratory Air Force Material Command USAF under agreement number F30602-99-1-0533, National Science Foundation Grant 0205452, and grants from Intel Corporation and Microsoft Corporation. The views and conclusions contained herein are those of the authors and should not be interpreted as necessarily representing the official policies or endorsements, either expressed or implied, of these organizations or the U.S. Government. William Josephson is supported by a National Science Foundation graduate research fellowship.
This is a preview of subscription content, log in via an institution to check access.
Preview
Unable to display preview. Download preview PDF.
Similar content being viewed by others
References
Blaze, M., Feigenbaum, J., Lacy, J.: Decentralized trust management. In: Proceedings 1996 IEEE Symposium on Security and Privacy, May 1996, pp. 164–173 (1996)
Frankel, Y., Gemmell, P., Mackenzie, P., Yung, M.: Proactive RSA. In: Kaliski Jr., B.S. (ed.) CRYPTO 1997. LNCS, vol. 1294, pp. 440–455. Springer, Heidelberg (1997)
Gong, L.: Increasing availability and security of an authentication service. IEEE J. Select. Areas Commun. 11(5), 657–662 (1993)
Liberty Alliance Project. Introduction to the liberty alliance identity architecture (March 2003)
Organization for the Advancement of Structured Information Standards (February 2004), http://www.oasis-open.org
Ostrovsky, R., Yung, M.: How to withstand mobile virus attacks. In: Proceedings of the 10th ACM Symposium on Principles of Distributed Computing, pp. 51–59 (1991)
Rabin, T.: A simplified approach to threshold and proactive RSA. In: Krawczyk, H. (ed.) CRYPTO 1998. LNCS, vol. 1462, pp. 89–104. Springer, Heidelberg (1998)
Steiner, J.G., Neuman, B.C., Schiller, J.I.: Kerberos: An authentication service for open network systems. In: Proceedings of the Winter 1988 Usenix Conference (February 1988)
Zhou, L., Schneider, F.B., van Renesse, R.: COCA: A secure distributed on-line certification authority. ACM Transactions on Computing Systems 20(4), 329–368 (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Josephson, W.K., Sirer, E.G., Schneider, F.B. (2005). Peer-to-Peer Authentication with a Distributed Single Sign-On Service. In: Voelker, G.M., Shenker, S. (eds) Peer-to-Peer Systems III. IPTPS 2004. Lecture Notes in Computer Science, vol 3279. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30183-7_24
Download citation
DOI: https://doi.org/10.1007/978-3-540-30183-7_24
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-24252-9
Online ISBN: 978-3-540-30183-7
eBook Packages: Computer ScienceComputer Science (R0)