For Full-Text PDF, please login, if you are a member of IEICE,|
or go to Pay Per View on menu list, if you are a nonmember of IEICE.
A Distributed Authentication Platform Architecture for Peer-to-Peer Applications
Kazuhiko SAGARA Kenya NISHIKI Minoru KOIZUMI
IEICE TRANSACTIONS on Communications
Publication Date: 2005/03/01
Print ISSN: 0916-8516
Type of Manuscript: Special Section PAPER (Special Section on Ubiquitous Networks)
Category: Software Platform Technologies
authentication, peer-to-peer application, secure-path setup,
Full Text: PDF(874.4KB)
>>Buy this Article
A distributed authentication platform (DAP) architecture is described that addresses the problems of fast user authentication and secure data transmission in large-scale ubiquitous networks. The user space is divided into domains, each containing an agent engine (AE), to enable rapid response to authentication requests. Dedicated channels are used for quick synchronization of the AE databases. Also described is a user-information-based model with QoS-ensured end-to-end secure-path setup. In this model, the user specifies the QoS requirement at the terminal, and the AE analyzes the information embedded in the control packet and initiates the signaling sequence to set up the path. This model is highly suitable for emerging peer-to-peer services, such as ensured-delivery e-mail, account information exchange, PDA file backup, and fixed-time data delivery. Evaluation of the AE performance demonstrated that the localization of authentication requests by using domains is an effective way of reducing the authentication processing time in a large-scale ubiquitous network. Simulated secure-path setup using three workstations demonstrated that a secure route satisfying such user specifications as priority, encryption, and bandwidth can be set up within 4.02 ms, much faster than with previous approaches.