Development of Single Sign-On System with Hardware Token and Key Management Server

Daiki NOBAYASHI, Yutaka NAKAMURA, Takeshi IKENAGA, Yoshiaki HORI
2009 IEICE transactions on information and systems  
With the growth of the Internet, various types of services are rapidly expanding; such services include the World Wide Web (WWW), the File Transfer Protocol (FTP), and remote login. Consequently, managing authentication information, e.g., user ID/password pairs, keys, and certificates-is difficult for users, since the amount of required authentication information has been increased. To address this problem, researchers have developed a Single Sign-On (SSO) system that makes all the services
more » ... lable for a user via a one-time authentication: however, existing authentication systems cannot provide such SSO services for all kind of services on the Internet, even if the service provider deploys the SSO server. Further, existing systems also cannot provide the SSO service which does not make it conscious of a network domain to a user on secure network environment. Therefore, in this paper, we propose a new SSO system with a hardware token and a key management server to improve the safety, ubiquity, and adaptability of services. Further, we implement the proposed system and show its effectiveness through evaluation. Adding any functions for this system provides various conveniences to us. We also explore the ability to add functions to this system; for example, we add high trust connection functionality for a Web server and show its effectiveness. key words: single sign-on, hardware token, key management server, authentication, security
doi:10.1587/transinf.e92.d.826 fatcat:ewwvxq3eafehjkrxo7eurt6kom