Title :
Design of Lock-Keeper federated authentication gateway
Author :
Cheng, Feng ; Meinel, Christoph
Author_Institution :
Hasso Plattner Inst., Univ. of Potsdam, Potsdam
Abstract :
This paper proposes a new federated authentication platform based on the Lock-Keeper system, which is a simple implementation of the high level security concept, "physical separation". An integrated federated authentication gateway is realized within the Lock-Keeper components and deployed on the border between different security domains, which enables users to use their own digital identities for accessing services provided by external collaborating partners. User identities, credentials and all kinds of security tokens required by the authentication can be handled well by being physically isolated with outside. All the direct network connections to the target security domain are disabled by the Lock-Keeper's inherent sluice principle as well as normal electronic transactions and businesses can still be performed through the corresponding Lock-Keeper application modules. A number of known standards related to Web service security are implemented and can be reliably enforced in the isolated environment of the proposed framework.
Keywords :
Web services; internetworking; security of data; Lock-Keeper federated authentication gateway; Web service security; digital identities; direct network connections; external collaborating partners; integrated federated authentication gateway; normal electronic transactions; physical separation; security tokens; sluice principle; Authentication; Buildings; Business communication; Collaboration; Identity management systems; Information security; Isolation technology; Service oriented architecture; Simple object access protocol; Web services;
Conference_Titel :
Advanced Communication Technology, 2009. ICACT 2009. 11th International Conference on
Conference_Location :
Phoenix Park
Print_ISBN :
978-89-5519-138-7
Electronic_ISBN :
1738-9445