34 research outputs found
Single sign-on using trusted platforms
Network users today have to remember one username/password pair for every service
they are registered with. One solution to the security and usability implications of this
situation is Single Sign-On, a mechanism by which the user authenticates only once to
an entity termed the ‘Authentication Service Provider’ (ASP) and subsequently uses disparate
Service Providers (SPs) without necessarily re-authenticating. The information
about the user’s authentication status is handled between the ASP and the desired SP
in a manner transparent to the user. This paper demonstrates a method by which the
end-user’s computing platform itself plays the role of the ASP. The platform has to be
a Trusted Platform conforming to the Trusted Computing Platform Alliance (TCPA)
specifications. The relevant TCPA architectural components and security services are
described and associated threats are analysed.
Interdomain User Authentication and Privacy
This thesis looks at the issue of interdomain user authentication, i.e. user
authentication in systems that extend over more than one administrative
domain. It is divided into three parts. After a brief overview of related
literature, the first part provides a taxonomy of current approaches to the
problem. The taxonomy is first used to identify the relative strengths and
weaknesses of each approach, and then employed as the basis for putting into
context four concrete and novel schemes that are subsequently proposed in
this part of the thesis. Three of these schemes build on existing technology;
the first on 2nd and 3rd-generation cellular (mobile) telephony, the second on
credit/debit smartcards, and the third on Trusted Computing. The fourth
scheme is, in certain ways, different from the others. Most notably, unlike the
other three schemes, it does not require the user to possess tamper-resistant
hardware, and it is suitable for use from an untrusted access device. An
implementation of the latter scheme (which works as a web proxy) is also
described in this part of the thesis.
As the need to preserve one’s privacy continues to gain importance in the
digital world, it is important to enhance user authentication schemes with
properties that enable users to remain anonymous (yet authenticated). In
the second part of the thesis, anonymous credential systems are identified as
a tool that can be used to achieve this goal. A formal model that captures
relevant security and privacy notions for such systems is proposed. From this
model, it is evident that there exist certain inherent limits to the privacy that
such systems can offer. These are examined in more detail, and a scheme
is proposed that mitigates the exposure to certain attacks that exploit these
limits in order to compromise user privacy. The second part of the thesis
also shows how to use an anonymous credential system in order to facilitate
what we call ‘privacy-aware single sign-on’ in an open environment. The
scheme enables the user to authenticate himself to service providers under
separate identifiers, where these identifiers cannot be linked to each other,
even if all service providers collude. It is demonstrated that the anonymity
enhancement scheme proposed earlier is particularly suited to this special
application of anonymous credential systems.
Finally, the third part of the thesis concludes with some open research
questions.
My Private Cloud Overview: A Trust, Privacy and Security Infrastructure for the Cloud
Based on the assumption that cloud providers can be trusted (to a certain extent), we define a trust, security and privacy-preserving infrastructure that relies on trusted cloud providers to operate properly. Working in tandem with legal agreements, our open source software supports: trust and reputation management, sticky policies with fine-grained access controls, privacy-preserving delegation of authority, federated identity management, different levels of assurance and configurable audit trails. Armed with these tools, cloud service providers are then able to offer a reliable privacy-preserving infrastructure-as-a-service to their clients.
Using GSM/UMTS for single sign-on
At present, network users have to remember a username and a corresponding password for every service with which they are registered. Single Sign-On (SSO) has been proposed as a solution to the usability, security and management implications of this situation. Under SSO, users authenticate themselves only once to an entity termed the ‘Authentication Service Provider’ (ASP) and subsequently use disparate Service Providers (SPs) without reauthenticating. The information about the user’s authentication status is handled between the ASP and the desired SP in a manner transparent to the user. In this paper we propose an SSO protocol where a GSM or UMTS operator plays the role of the ASP and by which its subscribers can be authenticated to SPs without any user interaction and in a way that preserves the user’s privacy and mobility. The protocol only requires minimal changes to the deployed GSM infrastructure.
Single sign-on using trusted platforms
At present, network users have to remember a username and a corresponding password for every service with which they are registered.
A Cautionary Note on Automatic Proxy Configuration
Web proxies can be used for a variety of services. Web browsers typically offer the option not only to statically configure a web proxy, but also to download proxy settings dynamically from the Internet. Unfortunately, the supporting infrastructure does not enable the browsers to properly authenticate the origin of these proxy settings. This inadequacy provides an opportunity for an attacker to interpose his own proxy between a client device and the web. The scope of potential harm includes wholesale or selective interception of web traffic, and web spoofing. In a practical setting the attack works even in the presence of SSL/TLS channels that are supposed to protect against interception and modification. Depending on the presence and configuration of a firewall, attacks can be launched by outsiders as well as by insiders. This paper examines various attack scenarios and proposes countermeasures to these attacks.