Abstract
Based on the principle that ”the ultimate method to secure a network is to disconnect it”, the Lock-Keeper technology has been known as an efficient approach to guarantee the high-level security and prevent online network attacks by physically separating the protected hosts or networks. Because of its simple idea and extensible architecture, the Lock-Keeper system can be easily and seamlessly integrated with other security methods or solutions to provide thorough protection for most actual network-based applications. This paper will propose an advanced strong authentication framework based on the Lock-Keeper. Thanks to Lock-Keeper’s physical disconnection, all the credentials, privacies and policies required by the authentication mechanism can be securely stored and manipulated by being completely isolated with both the external and the internal networks. The whole authentication procedure can be performed in the clean and trusted Lock-Keeper GATE component. Based on the proposed framework, a prototypical platform is implemented in the Lock-Keeper to enhance the security of the Lock-Keeper Web Service module, which is one of important Lock-Keeper application modules, and can be applied to secure most web applications in Service-Oriented-Architecture environment.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Zviran, M., Haga, W.J.: A Comparison of Password Techniques for Multilevel Authentication Mechanisms. Computer Journal 36(3), 227–237 (1993)
Housley, R., Ford, W., Polk, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and CRL Profile. IETF - Network Working Group, The Internet Society, RFC 2459 (January 1999)
Cantor, S., Moreh, I.J., Philpott, S.R., Maler, E.: Metadata for the OASIS Security Assertion Markup Language (SAML), V2.0. OASIS SSTC, oasis-open.org (2005)
Rankl, W., Effing, W.: Smart Card Handbook, 3rd edn. John Wiley and Sons, Ltd., Hoboken, NJ (2003)
Wayman, J.L.: Fundamentals of Biometric Authentication Technologies. International Journal of Image and Graphics 1(1), 93–113 (2001)
RSA Security, Inc. Strong Authentication: An Essential Component of Identity and Access Management. White Paper, RSA Security, Inc.: SA-WP-0804 (2004)
Lobel, M.: Case for Strong User Authentication White Paper, TRS, PrincewaterhaouseCoopers: CSUA-WP-0200 (2005)
Witty, R.J., Wagner, R.: The Growing Need for Identity and Access Management. White Paper, Gartner, Inc.: AV-21-4512 (2003)
Alonso, G., Casati, F., Kuno, H., Machiraju, V.: Web Services: Concepts, Architectures and Applications. Springer, Berlin, Germany (2004)
Cheng, F., Meinel, Ch.: Research on the Lock-Keeper Technology: Architectures, Applications and Advancements. International Journal of Computer & Information Science 5(3), 236–245 (2004)
IAG 2007 website in Microsoft (2006-2007), www.microsoft.com/iag
Menoher, J.: Owl Computing Product Overview: Secure One-Way Data Transfer Systems. White Paper, Owl Computing Technologies, Inc. (2007)
Kang, M.H., Moskowitz, I.S.: A Pump for Rapid, Reliable, Secure Communication. In: CCS 1993. Proceedings of 1st ACM Conference on Computer & Communications Security, Fairfax, VA (1993)
Lock-Keeper WebSite of Siemens Switzerland (2005-2007), www.siemens.ch
Cheng, F., Meinel, C.: Deployment Virtual Machines in Lock-Keeper. In: WISA 2006. LNCS, vol. 4298, Springer, Heidelberg (2006)
User Mode Linux Core Team: User Mode Linux HOWTO, user-mode-linux.sourceforge.net
Cheng, F., Menzel, M., Meinel, Ch.: A Secure Web Services Providing Framework based on Lock-Keeper. In: APNOMS2007. LNCS, vol. 4773, Springer, Heidelberg (2007)
ForumSystems: Forum Xwall - XML Firewall Product Data Sheet (2005), www.forumsystems.com/papers/
Curphey, M., Scambray, J., Olson, E., Howard, M.: Improving Web Application Security: Threats and Countermeasures. Microsoft Press, Washington (2003)
Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication System Kerberos RFC4120, kerberos.info (July 2005)
Author information
Authors and Affiliations
Editor information
Rights and permissions
Copyright information
© 2008 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Cheng, F., Meinel, C. (2008). Strong Authentication over Lock-Keeper. In: Geffert, V., Karhumäki, J., Bertoni, A., Preneel, B., Návrat, P., Bieliková, M. (eds) SOFSEM 2008: Theory and Practice of Computer Science. SOFSEM 2008. Lecture Notes in Computer Science, vol 4910. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77566-9_50
Download citation
DOI: https://doi.org/10.1007/978-3-540-77566-9_50
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-77565-2
Online ISBN: 978-3-540-77566-9
eBook Packages: Computer ScienceComputer Science (R0)