Title :
Impostor: a single sign-on system for use from untrusted devices
Author :
Pashalidis, Andreas ; Mitchell, Chris J.
Author_Institution :
Inf. Security Group, Univ. of London, UK
fDate :
29 Nov.-3 Dec. 2004
Abstract :
At present, network users have to manage a set of authentication credentials (usually a username/password pair) for every service with which they are registered. Single sign-on (SSO) has been proposed as a solution to the usability, security and management implications of this situation. Under SSO, users need to manage only one set of authentication credentials in order to log into the services they subsequently use. This paper presents the design of an SSO system that is based on a trusted proxy, and that is suitable for use from an untrusted network access device. Unlike existing proxy-based SSO schemes, which require an infrastructure to be in place between the proxy and the service providers, the one presented here does not. An open-source implementation of the scheme, called ´Impostor´, is also described. The prototype is implemented as an HTTP proxy, resulting in a system that works with common Web browsers.
Keywords :
message authentication; online front-ends; subscriber loops; telecommunication security; transport protocols; ubiquitous computing; HTTP proxy; Impostor; SSO system; Web browsers; authentication credentials; security management; single sign-on system; trusted proxy; ubiquitous computing; untrusted network access device; username/password pair; Airports; Authentication; Concrete; Cryptography; Electronic mail; IP networks; Information security; Protection; Prototypes; Usability;
Conference_Titel :
Global Telecommunications Conference, 2004. GLOBECOM '04. IEEE
Print_ISBN :
0-7803-8794-5
DOI :
10.1109/GLOCOM.2004.1378398
