Adding SAML to two-factor authentication and single sign-on model for dynamic access control

Author

Fugkeaw, Somchart ; Manpanpanich, Piyawit ; Juntapremjitt, Sekpon

Author_Institution

Thai Digital ID Co., Ltd., Bangkok

fYear

2007

fDate

10-13 Dec. 2007

Firstpage

1

Lastpage

5

Abstract

This paper presents the extended development of the AmTRUE project implementing the SSO-two factor authentication and RBAC authorization in the multiple applications and multi-domain environment. The authentication and authorization are based on the X.509 public key certificate and privilege management infrastructure (PMI). In our model, we introduce the security assertion markup language (SAML) to support the exchange of authentication and authorization information. SAML enables the single sign-on (SSO) authentication in the multi-organization to be more manageable and scalable. Besides, we enhance our system to be capable to work with the access control policies of the organizations using XACML This promotes the flexibility of AmTRUE for the seamless interoperation with another standard access control policy. Finally, the implementation is presented.

Keywords

access control; authorisation; formal languages; public key cryptography; RBAC authorization; SAML; dynamic access control; privilege management infrastructure; public key certificate; security assertion markup language; single sign-on model; two-factor authentication; Access control; Authentication; Authorization; Communication standards; Environmental management; Information security; Markup languages; Public key; Web services; XML; Privilege Management Infrastructure; RBAC Authorization; SAML; X.509 Public Key Certificate; XACML;

fLanguage

English

Publisher

ieee

Conference_Titel

Information, Communications & Signal Processing, 2007 6th International Conference on

Conference_Location

Singapore

Print_ISBN

978-1-4244-0982-2

Electronic_ISBN

978-1-4244-0983-9

Type

conf

DOI

10.1109/ICICS.2007.4449857

Filename

4449857