Abstract
The range of devices that are capable of connecting to data networks has been on a rise in recent times. From the perspective of an administrator, controlling access to data networks, via these devices, usually includes the creation of separate login credentials. This leads to an administrative nightmare, from both the user and administrator’s point of view. This paper proposes a novel approach to this problem and offers a single-sign-on system, where the user’s authorisation is based on the login credentials of the user, and the profile of the device the user is using. An instance of this design is presented with SESAME, to demonstrate the usefulness of the design, and also practicality for implementation.
Chapter PDF
Similar content being viewed by others
Keywords
- Authentication Server
- Authentication Phase
- Java Virtual Machine
- Extensible Authentication Protocol
- Access Control List
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.
References
Blunk, L., Vollbrecht, J.: RFC2284: PPP Extensible Authentication Protocol (EAP) (March 1998)
Dierks, T., Allen, C.: RFC2246: The TLS Protocol – Version 1.0 (January 1999)
ECMA International, 114 Rue du Rhône, CH-1204 Geneva, Switzerland. Authentication and Privilege Attribute Security Application with related key distribution functions, 2nd edn. (March 1996)
Ferraiolo, D., Kuhn, R.: Role-Based Access Control. In: 15th National Computer Security Conference (1992)
Ganesan, R.: Yaksha: Augmenting Kerberos with public key cryptography. In: Internet Society Symposium on Network and Distributed System Security, February 1995, pp. 132–143 (1995)
Kohl, J.T., Neuman, B.C.: RFC1510: The Kerberos Network Authentication Service (V5). Digital Equipment Corporation, USC/Information Sciences Institute (September 1993)
Molva, R., Tsudik, G., Van Herreweghen, E., Zatti, S.: KryptoKnight Authentication and Key Distribution System. In: European Symposium on Research in Computer Security (ESORICS), pp. 155–174 (1992),
Postel, J.: RFC791: Internet Protocol. Information Sciences Institute, University of Southern California (September 1981)
Parker, T., Pinkas, D.: SESAME V4 – Overview (December 1995)
Simpson, W.: RFC1661: The Point-to-Point Protocol (PPP) (July 1994)
Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303 USA. Connected, Limited Device Configuration: Specification Version 1.0a, Java 2 Platform Micro Edition (May 2000)
Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303 USA. Connected Device Configuration (CDC) and the Foundation Profile (2001)
Sun Microsystems, Inc., 901 San Antonio Road, Palo Alto, CA 94303 USA. The CLDC HotSpottm Implementation Virtual Machine, Java 2 Platform Micro Edition (2002)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Tham, K., Looi, M., Foo, E. (2006). Ubiquitous Authorization Scheme Based on Device Profile. In: Zhou, X., et al. Emerging Directions in Embedded and Ubiquitous Computing. EUC 2006. Lecture Notes in Computer Science, vol 4097. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11807964_32
Download citation
DOI: https://doi.org/10.1007/11807964_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-36850-2
Online ISBN: 978-3-540-36851-9
eBook Packages: Computer ScienceComputer Science (R0)