التفاصيل البيبلوغرافية
| العنوان: |
�Strong Authentication for Web Services using Smartcards |
| المؤلفون: |
D S. Stienne, Nathan Clarke, Paul Reynolds, France Telecom R&d, D S Stienne |
| المساهمون: |
The Pennsylvania State University CiteSeerX Archives |
| سنة النشر: |
2013 |
| المجموعة: |
CiteSeerX |
| مصطلحات موضوعية: |
Authentication, AAI, Identity Federation, SAML |
| الوصف: |
The popularity of the Internet and the variety of services it provides has been immense. Unfortunately, many of these services require the user to register and subsequently login to the system in order to access them. This has resulted in the user having to remember a multitude of username and password combinations in order to use the service securely. However, literature has clearly demonstrated this is not an effective approach, as users will frequently choose simple passwords, write them down, share them or use the same password for multiple systems. This paper proposes a novel concept where Internet users authenticate to web services (service providers) by the use of a smartcard – taking away any requirement for the user to provide credentials. The smartcard is useful in this context as it is a trusted device that is capable of applying cryptography in a tamper resistant environment. The development of the concept is based upon an extension to Authentication Authorisation Infrastructure (AAI) models, where a trusted authority (Identity Provider) will provide and manage the smart card to end-users. In devices such as mobile phones, a smartcard is already present (e.g. the SIM) to facilitate this and it is envisaged such a card could also be produced for desktop environments – similarly to what many banks are currently implementing. |
| نوع الوثيقة: |
text |
| اللغة: |
English |
| Relation: |
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.258.5191 |
| الاتاحة: |
http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.258.5191 |
| Rights: |
Metadata may be used without restrictions as long as the oai identifier remains attached to it. |
| رقم الانضمام: |
edsbas.C3D3538B |
| قاعدة البيانات: |
BASE |