ABSTRACT
Nowadays, a university needs to build and maintain a central ID database and authentication system for better ICT (information and communication technology) services. In 2008, the headquarters of Kyushu University had defined medium-range policy of ICT infrastructure preparation, and the policy had indicated construction of a central authentication system. According to the policy, the authors elaborated an installation plan of the Kyu(Q)shu University authentication system (QUAS, for short). Since 2009, Information Infrastructure Initiative of Kyushu University, to which the authors belong, has been issuing ID cards to all employees, and also operating LDAP servers. This paper introduces the action plan and outline of QUAS. This paper also describes two recent topics of QUAS. One is high load of LDAP servers because of rapid increase of mobile devices, and the other one is development of a multifactor authentication Shibboleth Identity Provider (IdP).
- Ito. E., Kasahara, Y., Nogita, M., and Suzuki, T. 2007. Institutional authentication platform for trustful inter/intra-institutional ubiquitous services, In Proceedings of the 2nd International Conference of Ubiquitous Information Technology (2nd ICUT), pp.103--108.Google Scholar
- Ito, E., Kasahara. Y., and Fujimura, N. 2012. A study of LDAP load balancing for University ICT services. IPSJ SIG Technical Report, Vol. 2012-CSEC-57/2012-IOT-17, No. 11, pp.51--56.Google Scholar
- GakuNin, https://www.gakunin.jp/docs/fedGoogle Scholar
- Shibboleth Consortium, Shibboleth, http://shibboleth.net/ .Google Scholar
- InCommon, http://www.incommon.org/Google Scholar
- UK Federation, http://www.ukfederation.org.uk/Google Scholar
- OpenLDAP, http://www.openldap.org/Google Scholar
- FalconSC, WisePoint, http://wisepoint.jp/Google Scholar
- Fujimura. N., Masuoka, K., and Masaki, Y. 2010. Experiences with Individual Receipt Confirmation System and the University Primary Mail Service. In Proceedings of SIGUCCS 2010 (Norfolk, VA, October 24-27 2010), pp.65--70. Google ScholarDigital Library
- Fujimura, N., Togawa, T., Kasahara, Y., and Ito, E. 2012. Introduction and experience with the Primary Mail Service based on their names for students. In Proceedings of the SIGUCCS 2012 (Memphis, TN, October 17 - 19, 2012). ACM, New York, NY, pp.11--14. Google ScholarDigital Library
- FreeRADIUS, http://freeradius.org/Google Scholar
Index Terms
- Implementation and operation of the Kyushu university authentication system
Recommendations
PUF-Based Mutual Multifactor Entity and Transaction Authentication for Secure Banking
LightSec 2015: Revised Selected Papers of the 4th International Workshop on Lightweight Cryptography for Security and Privacy - Volume 9542In this work we propose a protocol combining a Physical Unclonable Function PUF with Password-based Authenticated Key Exchange PAKE. The resulting protocol provides mutual multifactor authentication between client and server and establishes a session ...
Privacy preserving smartcard-based authentication system with provable security
In this paper, we suggest a new privacy preserving smartcard-based password authenticated key exchange SC-PAKE with provable security. Only the user who has two secrets smartcard and password can go through authentication with key exchange while ...
Design and Implementation to Authentication over a GSM System Using Certificate-Less Public Key Cryptography (CL-PKC)
Recent years, the mobile technology has experienced a great increment in the number of its users. The GSM's architecture provides different security features like authentication, data/signaling confidentiality and secrecy of user yet the channel is ...
Comments