Application-binding protocol in the user centric smart card ownership model
ACISP'11 Proceedings of the 16th Australasian conference on Information security and privacy
| Hi-index | 0.00 |
The increase of authenticating solutions based on RADIUS servers questions the complexity of their administration whose security and confidentiality are often at fault especially within Cloud Computing architectures. More specifically, it raises the concern of server administration in a secure environment for both the granting access’ company and its clients. This paper aims to solve this issue by proposing an innovative paradigm based on a grid of smart cards built on a context of SSL smart cards. We believe that EAP-TLS server smart cards offer the security and the simplicity required for an administration based on distributed servers. We specify the design of a RADIUS server in which EAP messages are fully processed by SSL smart cards. We present the scalability of this server linked to smart card grids whose distributed computation manages the concurrence of numerous authenticating sessions. Lastly, we relate the details of the first experimental results obtained with the RADIUS server and an array composed of 32 Java cards, and demonstrate the feasibility and prospective scalability of this architecture.