Abstract
XtreemOS-MD SSO is a modular, pluggable, Single Sign-On (SSO) architecture. It has been conceived for easy integration of mobile devices into the Grid as part of XtreemOS project, but it may be reused by any other project. It offers semi-transparent integration with applications and makes easier the migration from enterprise servers to cloud computing infrastructures.
XtreemOS-MD SSO is inspired in Linux Key Retention Service (LKRS) with some enhancements and may interact with it, but it’s designed to run completely in user space, not requiring any special kernel support.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Pashalidis, A., Mitchell, C.J.: A taxonomy of single sign-on systems. LNCS. Springer, Heidelberg (2003)
Kupczyk, M., Lichwala, R., Meyer, N., Palak, B., Plociennik, M., Wolniewicz, P.: Mobile Work Environment for Grid Users. In: Fernández Rivera, F., Bubak, M., Gómez Tato, A., Doallo, R. (eds.) Across Grids 2003. LNCS, vol. 2970, pp. 132–138. Springer, Heidelberg (2003)
Neuman, B.C., Ts’o, T.: Kerberos: an authentication service for computer networks. IEEE Communications Magazine 32(9), 33–38 (1994)
Globus Security Key Concepts, http://www.globus.org/toolkit/docs/latest-stable/security/key/
Coppola, M., Jégou, Y., Matthews, B., Morin, M., Prieto, L.P., Sánchez, O.D., Yang, E., Yu, H.: Virtual Organization Support within a Grid-Wide Operating System. IEEE Internet Computing 12(2), 20–28 (2008)
Samar, V.: Unified login with pluggable authentication modules (PAM). In: Proceedings of the 3rd ACM Conference on Computer and Communications Security, p. 10 (1996)
Cortes, T., et al.: XtreemOS: a Vision for a Grid Operating System (2008), http://www.xtreemos.eu/publications/techreports/xtreemos-visionpaper-1.pdf
De Clercq, J.: Single Sign-On Architectures. In: Davida, G.I., Frankel, Y., Rees, O. (eds.) InfraSec 2002. LNCS, vol. 2437, pp. 40–58. Springer, Heidelberg (2002)
Saint-Andre, P., et al.: Extensible messaging and presence protocol (XMPP): Core. Technical Report, RFC 3920, Internet Engineering Task Force (2004)
Myers, J.: Simple authentication and security layer (SASL). Technical report, RFC 2222, Internet Engineering Task Force (2007)
Nadalin, A., Kaler, K., Monzillo, R., Hallam-Baker, P.: Web Services Security SOAP Message Security 1.1. OASIS Standard Specification (2006)
Simon, D., Aboba, B., Hurst, R.: The EAP-TLS Authentication Protocol. Technical report, RFC 5216, Internet Engineering Task Force (2008)
Dierks, T., Rescorla, E.: The Transport Layer Security (TLS) Protocol Version 1.1. Technical report, RFC 5216, Internet Engineering Task Force (2008)
Linux Key Retention System, http://kernel.org/doc/Documentation/keys.txt
SELinux: Security-Enhanced Linux, http://www.nsa.gov/research/selinux/
Schaufler, C.: Smack in Embedded Computing. In: Ottawa Linux Symposium (2008)
Kilpatrick, D., Salamon, D., Vance, C.: Securing the X Window system with SELinux. NAI Labs, Report #03-006 (2003)
FUSE: File system in User Space project, http://fuse.sourceforge.net/
Kantee, A., Crooks, A.: ReFUSE: Userspace FUSE Reimplementation Using puffs. In: Proceedings of the 6th European BSD Conference (2007)
MACFUSE: Fuse for MacOS X, http://code.google.com/p/macfuse/
DOKAN: User Mode FileSystem for Windows, http://dokan-dev.net/en/
STFC: Fourth Specification, Design and Architecture of the Security and VO Management Services, http://www.xtreemos.eu/publications/project-deliverables/d3-5-13.pdf
XSSO Architecture, http://www.opengroup.org/onlinepubs/008329799/chap3.htm
Liberty Alliance, http://projectliberty.org/
OpenMoko project, http://www.openmoko.org
Nokia: Introducing Maemo5: The software behind your computing mobile, http://maemo.nokia.com/
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering
About this paper
Cite this paper
Peribáñez, J.M., Martínez, A., Prieto, S., Gallego, N. (2010). XtreemOS-MD SSO. In: Schmidt, A.U., Russello, G., Lioy, A., Prasad, N.R., Lian, S. (eds) Security and Privacy in Mobile Information and Communication Systems. MobiSec 2010. Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering, vol 47. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-17502-2_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-17502-2_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-17501-5
Online ISBN: 978-3-642-17502-2
eBook Packages: Computer ScienceComputer Science (R0)