A pump for rapid, reliable, secure communication
CCS '93 Proceedings of the 1st ACM conference on Computer and communications security
Understanding SOA with Web Services (Independent Technology Guides)
Understanding SOA with Web Services (Independent Technology Guides)
Understanding windows cardspace: an introduction to the concepts and challenges of digital identities
A taxonomy of single sign-on systems
ACISP'03 Proceedings of the 8th Australasian conference on Information security and privacy
Deployment of virtual machines in lock-keeper
WISA'06 Proceedings of the 7th international conference on Information security applications: PartI
Strong authentication over lock-keeper
SOFSEM'08 Proceedings of the 34th conference on Current trends in theory and practice of computer science
Federated identity-management protocols
Proceedings of the 11th international conference on Security Protocols
A secure web services providing framework based on lock-keeper
APNOMS'07 Proceedings of the 10th Asia-Pacific conference on Network Operations and Management Symposium: managing next generation networks and services
Hi-index | 0.00 |
This paper proposes a new federated authentication platform based on the Lock-Keeper system, which is a simple implementation of the high level security concept, "Physical Separation". An integrated federated authentication gateway is realized within the Lock-Keeper components and deployed on the border between different security domains, which enables users to use their own digital identities for accessing services provided by external collaborating partners. User identities, credentials and all kinds of security tokens required by the authentication can be handled well by being physically isolated with outside. All the direct network connections to the target security domain are disabled by the Lock-Keeper's inherent sluice principle as well as normal electronic transactions and businesses can still be performed through the corresponding Lock-Keeper application modules. A number of known standards related to Web Service security are implemented and can be reliably enforced in the isolated environment of the proposed framework.