Using encryption for authentication in large networks of computers
Communications of the ACM
On Unifying Some Cryptographic Protocol Logics
SP '94 Proceedings of the 1994 IEEE Symposium on Security and Privacy
Limitations on design principles for public key protocols
SP'96 Proceedings of the 1996 IEEE conference on Security and privacy
Hi-index | 0.00 |
A token based single sign-on protocol for distribution systems is proposed in this paper. When a user C logs on a system, a centralized authentication server A will authenticate C and issue C a token which is signed by A and includes a session key generated by A as well as a time stamp. C can use the token to access any application server S.S will send the C’s request to the A. Then A will verify the validity of the token. There are two advantages of this protocol: 1) Time synchronization between severs S and the user C is not necessary. 2) All authentication state information such as session key is stored in the token rather than in the memory of A, thus the performance of A can be promoted effectively.We have used SVO logic to do formal analysis of this protocol.