Development of Single Sign-On System with Hardware Token and Key Management Server

Daiki NOBAYASHI  Yutaka NAKAMURA  Takeshi IKENAGA  Yoshiaki HORI  

Publication
IEICE TRANSACTIONS on Information and Systems   Vol.E92-D   No.5   pp.826-835
Publication Date: 2009/05/01
Online ISSN: 1745-1361
DOI: 10.1587/transinf.E92.D.826
Print ISSN: 0916-8532
Type of Manuscript: Special Section PAPER (Special Section on Information and Communication System Security)
Category: Authentication and Authorization Techniques
Keyword: 
single sign-on,  hardware token,  key management server,  authentication,  security,  

Full Text: PDF>>
Buy this Article




Summary: 
With the growth of the Internet, various types of services are rapidly expanding; such services include the World Wide Web (WWW), the File Transfer Protocol (FTP), and remote login. Consequently, managing authentication information, e.g., user ID/password pairs, keys, and certificates- is difficult for users, since the amount of required authentication information has been increased. To address this problem, researchers have developed a Single Sign-On (SSO) system that makes all the services available for a user via a one-time authentication: however, existing authentication systems cannot provide such SSO services for all kind of services on the Internet, even if the service provider deploys the SSO server. Further, existing systems also cannot provide the SSO service which does not make it conscious of a network domain to a user on secure network environment. Therefore, in this paper, we propose a new SSO system with a hardware token and a key management server to improve the safety, ubiquity, and adaptability of services. Further, we implement the proposed system and show its effectiveness through evaluation. Adding any functions for this system provides various conveniences to us. We also explore the ability to add functions to this system; for example, we add high trust connection functionality for a Web server and show its effectiveness.