Abstract
This paper describes a protocol for enabling shared persistent authentication for desktop applications that comprise a common suite by extending the OAuth2.0 protocol. OAuth2.0 is the de facto standard for developing and deploying federated Identity. Our extension enables the users to authenticate and authorize on devices that host a suite of applications that are connected to backend services and systems at Adobe. It is the backbone of our subscription and licensing infrastructure for the Adobe Creative Suite® 6 and Adobe Creative CloudTM. The extended protocol works without storing users credentials on a per application basis but rather uses device identities that are managed on a centralized server to enable increased security and management capabilities for a set of applications on the device. We describe the protocol is in detail, its inherent characteristics, how it extends OAuth2.0, and how it is used in practice.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsPreview
Unable to display preview. Download preview PDF.
References
OAuth Working Group, Hammer, E. (ed): IETF, The OAuth2.0 Authorization Protocol draft 28 (2012), http://tools.ietf.org/html/draft-ietf-oauth-v2-28
OpenId Foundation, Open ID Connect Protocol Suite (2012), http://openid.net/connect/
IPSec Working Group, Frankel, S., Kelly, S.: The HMAC-SHA-256-128 Algorithm and Its Use With IPsec (2002), http://w3.antd.nist.gov/iip_pubs/draft-ietf-ipsec-ciph-sha-256-01.txt
Google, Android Account Manager API (2012), http://developer.android.com/reference/android/accounts/AccountManager.html
Bank of America, Online Banking FAQ (2012), http://www.bankofamerica.com/onlinebanking/index.cfm?template=site_key-accessolb
Adobe Creative CloudTM (2012), http://creative.adobe.com
Adobe Creative Suite® (2012), http://www.adobe.com/products/creativesuite.html
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Trammel, J., Yalçinalp, Ü., Kalfas, A., Boag, J., Brotsky, D. (2012). Device Token Protocol for Persistent Authentication Shared across Applications. In: De Paoli, F., Pimentel, E., Zavattaro, G. (eds) Service-Oriented and Cloud Computing. ESOCC 2012. Lecture Notes in Computer Science, vol 7592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33427-6_20
Download citation
DOI: https://doi.org/10.1007/978-3-642-33427-6_20
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-33426-9
Online ISBN: 978-3-642-33427-6
eBook Packages: Computer ScienceComputer Science (R0)