Abstract
This paper regards Single Sign-On as an accumulation of a series of two-party authentication, multiparty authentication and authorization. Such a comprehension brings new semantics for Single Sign-On in grids: authentication service and authorization service are separable and could communicate with each other through SAML assertions; Single Sign-On could support both two-party and multiparty authentication. Multiparty Joint Authentication (MJA) is designed to simplify multiparty authentication in some security context. This paper describes MJA with graph theory model and proposes its definition formally. The internal sequence diagram of MJA, possible assertion format of MJA, and MJA’s interactions with other OGSA services are also illustrated to reveal a systematic view of this paradigm.
This research is supported by the National Grand Fundamental Research 973 Program of China (No.2002CB312002), and the Grand Project (No.03dz15027) of the Science and Technology Commission of Shanghai Municipality.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Ferreira, L., Berstis, V., Armstrong, J., Kendzierski, M., Neukoetter, A., Takagi, M., Bing- Wo, R., Amir, A., Murakawa, R., Hernandez, O., Magowan, J., Bieberstein, N.: Introduction to Grid Computing with Globus. IBM Corp. (2002)
Surridge, M., Upstill, C.: Grid Security: Lessons for Peer-to-Peer Systems. In: Shahmehri, N., Graham, R., Garroni, R. (eds.) Proc. of the 3rd Intl. Conf. on Peer-to-Peer Computing, pp. 2–6. IEEE Press, Sweden (2003)
Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Gong, L., Reiter, M. (eds.) Proc. of the 5th ACM Conf. on Computer and Comm. Sec., pp. 83–92. ACM Press, New York (1998)
Volchkov, A.: Revisiting Single Sign-On: A Pragmatic Approach in a New Context. IT Pro 1, 39–45 (2001)
Dae-Hee, S., Im-Yeong, L., Soo-Young, C., Choon-Soo, K.: Single Sign-On Systems Using Multi-Agent System. In: Gebali, F. (ed.) Proc. of IEEE Pacific Rim Conf. on Comm., Computers and Sig. Processing, pp. 692–695. IEEE Press, Canada (2003)
Novotny, J., Tuecke, S., Welch, V.: An Online Credential Repository for the Grid: MyProxy. In: Williams, A. (ed.) Proc. of 10th Intl. Symposium on H. Performance Distributed Computing, pp. 104–111. IEEE Press, California (2001)
Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L., Tuecke, S.: Security for Grid Services. In: Azada, D. (ed.) Proc. of 12th Intl. Symposium on H. Performance Distributed Computing, pp. 48–57. IEEE Press, Washington (2003)
Oppliger, R.: Microsoft.Net Passport: A Security Analysis. Computer 4, 29–35 (2003)
Website http://www.projectliberty.org/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2004 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Liu, H., Li, M. (2004). Multiparty Joint Authentication: Extending the Semantics of Single Sign-On for Grids. In: Jin, H., Pan, Y., Xiao, N., Sun, J. (eds) Grid and Cooperative Computing - GCC 2004 Workshops. GCC 2004. Lecture Notes in Computer Science, vol 3252. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-30207-0_45
Download citation
DOI: https://doi.org/10.1007/978-3-540-30207-0_45
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-23578-1
Online ISBN: 978-3-540-30207-0
eBook Packages: Springer Book Archive