A Distributed Authentication Platform Architecture for Peer-to-Peer Applications

Kazuhiko SAGARA  Kenya NISHIKI  Minoru KOIZUMI  

IEICE TRANSACTIONS on Communications   Vol.E88-B   No.3   pp.865-872
Publication Date: 2005/03/01
DOI: 10.1093/ietcom/e88-b.3.865
Print ISSN: 0916-8516
Type of Manuscript: Special Section PAPER (Special Section on Ubiquitous Networks)
Category: Software Platform Technologies
Keyword: authentication, peer-to-peer application, secure-path setup

A distributed authentication platform (DAP) architecture is described that addresses the problems of fast user authentication and secure data transmission in large-scale ubiquitous networks. The user space is divided into domains, each containing an agent engine (AE), to enable rapid response to authentication requests. Dedicated channels are used for quick synchronization of the AE databases. Also described is a user-information-based model with QoS-ensured end-to-end secure-path setup. In this model, the user specifies the QoS requirement at the terminal, and the AE analyzes the information embedded in the control packet and initiates the signaling sequence to set up the path. This model is highly suitable for emerging peer-to-peer services, such as ensured-delivery e-mail, account information exchange, PDA file backup, and fixed-time data delivery. Evaluation of the AE performance demonstrated that the localization of authentication requests by using domains is an effective way of reducing the authentication processing time in a large-scale ubiquitous network. Simulated secure-path setup using three workstations demonstrated that a secure route satisfying such user specifications as priority, encryption, and bandwidth can be set up within 4.02 ms, much faster than with previous approaches.