Skip to main content
SpringerLink
Log in
Book cover

European Conference on Service-Oriented and Cloud Computing 

ESOCC 2012: Service-Oriented and Cloud Computing pp 230–243Cite as

Device Token Protocol for Persistent Authentication Shared across Applications

  • Conference paper

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 7592))

Abstract

This paper describes a protocol for enabling shared persistent authentication for desktop applications that comprise a common suite by extending the OAuth2.0 protocol. OAuth2.0 is the de facto standard for developing and deploying federated Identity. Our extension enables the users to authenticate and authorize on devices that host a suite of applications that are connected to backend services and systems at Adobe. It is the backbone of our subscription and licensing infrastructure for the Adobe Creative Suite® 6 and Adobe Creative CloudTM. The extended protocol works without storing users credentials on a per application basis but rather uses device identities that are managed on a centralized server to enable increased security and management capabilities for a set of applications on the device. We describe the protocol is in detail, its inherent characteristics, how it extends OAuth2.0, and how it is used in practice.

This is a preview of subscription content, log in via an institution.

Chapter
USD   29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD   39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD   49.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Learn about institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. OAuth Working Group, Hammer, E. (ed): IETF, The OAuth2.0 Authorization Protocol draft 28 (2012), http://tools.ietf.org/html/draft-ietf-oauth-v2-28

  2. OpenId Foundation, Open ID Connect Protocol Suite (2012), http://openid.net/connect/

  3. IPSec Working Group, Frankel, S., Kelly, S.: The HMAC-SHA-256-128 Algorithm and Its Use With IPsec (2002), http://w3.antd.nist.gov/iip_pubs/draft-ietf-ipsec-ciph-sha-256-01.txt

  4. Google, Android Account Manager API (2012), http://developer.android.com/reference/android/accounts/AccountManager.html

  5. Bank of America, Online Banking FAQ (2012), http://www.bankofamerica.com/onlinebanking/index.cfm?template=site_key-accessolb

  6. Adobe Creative CloudTM (2012), http://creative.adobe.com

  7. Adobe Creative Suite® (2012), http://www.adobe.com/products/creativesuite.html

Download references

Author information

Authors and Affiliations

  1. Adobe Systems Incorporated, 345 Park Avenue, San Jose, USA

    John Trammel, Ümit Yalçinalp, Andrei Kalfas, James Boag & Dan Brotsky

Authors
  1. John Trammel
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Ümit Yalçinalp
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Andrei Kalfas
    View author publications

    You can also search for this author in PubMed Google Scholar

  4. James Boag
    View author publications

    You can also search for this author in PubMed Google Scholar

  5. Dan Brotsky
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Department of Informatics, Systems and Communication, University of Milano - Bicocca, Viale Sarca 336/14, 20126, Milano, Italy

    Flavio De Paoli

  2. Dept. Computer Science, University of Málaga, Málaga, Spain

    Ernesto Pimentel

  3. INRIA - FOCUS Research Team, University of Bologna, Italy

    Gianluigi Zavattaro

Rights and permissions

Reprints and permissions

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Trammel, J., Yalçinalp, Ü., Kalfas, A., Boag, J., Brotsky, D. (2012). Device Token Protocol for Persistent Authentication Shared across Applications. In: De Paoli, F., Pimentel, E., Zavattaro, G. (eds) Service-Oriented and Cloud Computing. ESOCC 2012. Lecture Notes in Computer Science, vol 7592. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-33427-6_20

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-33427-6_20

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-33426-9

  • Online ISBN: 978-3-642-33427-6

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation