Skip to main content
SpringerLink
Log in

Strong Authentication over Lock-Keeper

  • Conference paper
SOFSEM 2008: Theory and Practice of Computer Science (SOFSEM 2008)

Part of the book series: Lecture Notes in Computer Science ((LNTCS,volume 4910))

  • 1277 Accesses

Abstract

Based on the principle that ”the ultimate method to secure a network is to disconnect it”, the Lock-Keeper technology has been known as an efficient approach to guarantee the high-level security and prevent online network attacks by physically separating the protected hosts or networks. Because of its simple idea and extensible architecture, the Lock-Keeper system can be easily and seamlessly integrated with other security methods or solutions to provide thorough protection for most actual network-based applications. This paper will propose an advanced strong authentication framework based on the Lock-Keeper. Thanks to Lock-Keeper’s physical disconnection, all the credentials, privacies and policies required by the authentication mechanism can be securely stored and manipulated by being completely isolated with both the external and the internal networks. The whole authentication procedure can be performed in the clean and trusted Lock-Keeper GATE component. Based on the proposed framework, a prototypical platform is implemented in the Lock-Keeper to enhance the security of the Lock-Keeper Web Service module, which is one of important Lock-Keeper application modules, and can be applied to secure most web applications in Service-Oriented-Architecture environment.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 84.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 109.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Zviran, M., Haga, W.J.: A Comparison of Password Techniques for Multilevel Authentication Mechanisms. Computer Journal 36(3), 227–237 (1993)

    Article  Google Scholar 

  2. Housley, R., Ford, W., Polk, W., Solo, D.: Internet X.509 Public Key Infrastructure Certificate and CRL Profile. IETF - Network Working Group, The Internet Society, RFC 2459 (January 1999)

    Google Scholar 

  3. Cantor, S., Moreh, I.J., Philpott, S.R., Maler, E.: Metadata for the OASIS Security Assertion Markup Language (SAML), V2.0. OASIS SSTC, oasis-open.org (2005)

    Google Scholar 

  4. Rankl, W., Effing, W.: Smart Card Handbook, 3rd edn. John Wiley and Sons, Ltd., Hoboken, NJ (2003)

    Google Scholar 

  5. Wayman, J.L.: Fundamentals of Biometric Authentication Technologies. International Journal of Image and Graphics 1(1), 93–113 (2001)

    Article  Google Scholar 

  6. RSA Security, Inc. Strong Authentication: An Essential Component of Identity and Access Management. White Paper, RSA Security, Inc.: SA-WP-0804 (2004)

    Google Scholar 

  7. Lobel, M.: Case for Strong User Authentication White Paper, TRS, PrincewaterhaouseCoopers: CSUA-WP-0200 (2005)

    Google Scholar 

  8. Witty, R.J., Wagner, R.: The Growing Need for Identity and Access Management. White Paper, Gartner, Inc.: AV-21-4512 (2003)

    Google Scholar 

  9. Alonso, G., Casati, F., Kuno, H., Machiraju, V.: Web Services: Concepts, Architectures and Applications. Springer, Berlin, Germany (2004)

    MATH  Google Scholar 

  10. Cheng, F., Meinel, Ch.: Research on the Lock-Keeper Technology: Architectures, Applications and Advancements. International Journal of Computer & Information Science 5(3), 236–245 (2004)

    Google Scholar 

  11. IAG 2007 website in Microsoft (2006-2007), www.microsoft.com/iag

  12. Menoher, J.: Owl Computing Product Overview: Secure One-Way Data Transfer Systems. White Paper, Owl Computing Technologies, Inc. (2007)

    Google Scholar 

  13. Kang, M.H., Moskowitz, I.S.: A Pump for Rapid, Reliable, Secure Communication. In: CCS 1993. Proceedings of 1st ACM Conference on Computer & Communications Security, Fairfax, VA (1993)

    Google Scholar 

  14. Lock-Keeper WebSite of Siemens Switzerland (2005-2007), www.siemens.ch

  15. Cheng, F., Meinel, C.: Deployment Virtual Machines in Lock-Keeper. In: WISA 2006. LNCS, vol. 4298, Springer, Heidelberg (2006)

    Google Scholar 

  16. User Mode Linux Core Team: User Mode Linux HOWTO, user-mode-linux.sourceforge.net

  17. Cheng, F., Menzel, M., Meinel, Ch.: A Secure Web Services Providing Framework based on Lock-Keeper. In: APNOMS2007. LNCS, vol. 4773, Springer, Heidelberg (2007)

    Google Scholar 

  18. ForumSystems: Forum Xwall - XML Firewall Product Data Sheet (2005), www.forumsystems.com/papers/

  19. Curphey, M., Scambray, J., Olson, E., Howard, M.: Improving Web Application Security: Threats and Countermeasures. Microsoft Press, Washington (2003)

    Google Scholar 

  20. Neuman, C., Yu, T., Hartman, S., Raeburn, K.: The Kerberos Network Authentication System Kerberos RFC4120, kerberos.info (July 2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. Hasso Plattner Institute, University of Potsdam, P.O.Box 900460, 14440, Potsdam, Germany

    Feng Cheng & Christoph Meinel

Authors
  1. Feng Cheng
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Christoph Meinel
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Viliam Geffert Juhani Karhumäki Alberto Bertoni Bart Preneel Pavol Návrat Mária Bieliková

Rights and permissions

Reprints and permissions

Copyright information

© 2008 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Cheng, F., Meinel, C. (2008). Strong Authentication over Lock-Keeper. In: Geffert, V., Karhumäki, J., Bertoni, A., Preneel, B., Návrat, P., Bieliková, M. (eds) SOFSEM 2008: Theory and Practice of Computer Science. SOFSEM 2008. Lecture Notes in Computer Science, vol 4910. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-540-77566-9_50

Download citation

  • DOI: https://doi.org/10.1007/978-3-540-77566-9_50

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-540-77565-2

  • Online ISBN: 978-3-540-77566-9

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation