A Token-Based Single Sign-On Protocol
A token-based single sign-on protocol for distributed systems is proposed in this paper. When a user C logs on to a system, a centralized authentication server A authenticates C and issues C a token, which is signed by A and includes a session key generated by A as well as a time stamp. C can use the token to access any application server S. S sends C's request to A, and A then verifies the validity of the token. There are two advantages of this protocol: 1) Time synchronization between the servers S and the user C is not necessary. 2) All authentication state information, such as the session key, is stored in the token rather than in the memory of A, so the performance of A can be improved effectively. We have used SVO logic to do a formal analysis of this protocol.
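The stateless-token flow described in the abstract, as an added Python example that is not the paper's own construction: an HMAC under a key held only by A stands in for A's signature, and A re-derives the session key from the token contents rather than the token carrying it. The function names, token layout and 300-second lifetime are assumptions.

```python
import base64, hashlib, hmac, json, secrets, time

# Constructed keys, held only by the authentication server A (assumption).
A_SIGN_KEY = secrets.token_bytes(32)     # stands in for A's signing key
A_DERIVE_KEY = secrets.token_bytes(32)   # used to re-derive session keys
TOKEN_LIFETIME = 300                     # seconds, assumed policy value

def _b64(data):
    return base64.urlsafe_b64encode(data).decode()

def _mac(key, payload):
    return hmac.new(key, payload, hashlib.sha256).digest()

def issue_token(user, now=None):
    """A, after authenticating C: return (token, session_key); A stores nothing."""
    body = {"user": user,
            "iat": int(time.time() if now is None else now),  # A's own clock
            "nonce": _b64(secrets.token_bytes(16))}
    payload = json.dumps(body, sort_keys=True).encode()
    token = _b64(payload) + "." + _b64(_mac(A_SIGN_KEY, payload))
    return token, _mac(A_DERIVE_KEY, payload)

def verify_token(token, now=None):
    """A: return (user, session_key) for a valid token, else None."""
    try:
        p64, t64 = token.split(".")
        payload = base64.urlsafe_b64decode(p64)
        tag = base64.urlsafe_b64decode(t64)
    except ValueError:                   # wrong shape or bad base64
        return None
    # Authenticate before parsing, with a constant-time comparison.
    if not hmac.compare_digest(tag, _mac(A_SIGN_KEY, payload)):
        return None
    body = json.loads(payload)
    # Time stamp written and checked by A alone: S and C need no synced clock.
    age = int(time.time() if now is None else now) - body["iat"]
    if age < 0 or age > TOKEN_LIFETIME:
        return None
    # All session state is recovered from the token itself.
    return body["user"], _mac(A_DERIVE_KEY, payload)

def app_server_handle(token, now=None):
    """S: holds no keys and no clock; it forwards C's token to A."""
    result = verify_token(token, now)
    return None if result is None else result[0]
```
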