Title :
Adding SAML to two-factor authentication and single sign-on model for dynamic access control
Author :
Fugkeaw, Somchart ; Manpanpanich, Piyawit ; Juntapremjitt, Sekpon
Author_Institution :
Thai Digital ID Co., Ltd., Bangkok
Abstract :
This paper presents the extended development of the AmTRUE project implementing the SSO-two factor authentication and RBAC authorization in the multiple applications and multi-domain environment. The authentication and authorization are based on the X.509 public key certificate and privilege management infrastructure (PMI). In our model, we introduce the security assertion markup language (SAML) to support the exchange of authentication and authorization information. SAML enables the single sign-on (SSO) authentication in the multi-organization to be more manageable and scalable. Besides, we enhance our system to be capable to work with the access control policies of the organizations using XACML This promotes the flexibility of AmTRUE for the seamless interoperation with another standard access control policy. Finally, the implementation is presented.
Keywords :
access control; authorisation; formal languages; public key cryptography; RBAC authorization; SAML; dynamic access control; privilege management infrastructure; public key certificate; security assertion markup language; single sign-on model; two-factor authentication; Access control; Authentication; Authorization; Communication standards; Environmental management; Information security; Markup languages; Public key; Web services; XML; Privilege Management Infrastructure; RBAC Authorization; SAML; X.509 Public Key Certificate; XACML;
Conference_Titel :
Information, Communications & Signal Processing, 2007 6th International Conference on
Conference_Location :
Singapore
Print_ISBN :
978-1-4244-0982-2
Electronic_ISBN :
978-1-4244-0983-9
DOI :
10.1109/ICICS.2007.4449857
