Abstract
This paper addresses the Single Sign On (SSO) issue in personal Area Networks (PANs) comprising of heterogeneous handheld devices. Architectures for service SSO solutions at the enterprise level are already in the market and some standards for such solutions exist. In this paper however we introduce the notion of device level SSO. By device SSO, we refer to the process of logging on to one device and then subsequently being authorized for other devices on a need only basis, without the user being prompted for his credentials or requiring any further manual interaction. Device SSO secures the authentication process in a PAN and alleviates the users from the burden of handling and managing the credentials of each device in the PAN. While borrowing elements from the enterprise level SSO standards, our architecture has been custom-tailored to the characteristics and inherent features of a PAN environment. Client server and peer-to-peer SSO schemes have been designed to fit both PAN star and mesh architectures. The proposed scheme is an application layer solution that is independent of the device platform and the underlying radio link. A sample prototype application has been developed as a proof of concept that runs on laptops and PDAs communicating over Bluetooth links.
An erratum to this chapter can be found at http://dx.doi.org/10.1007/11915072_109.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
Kelly, M.: Is Single Sign on a Security Risk?, Version 1.2e, © SANS Institute, GIAC Certified Student Practical (June 2002)
Pashalidis, A., Mitchell, C.J.: A Taxonomy of single sign-on systems. In: Safavi-Naini, R., Seberry, J. (eds.) ACISP 2003. LNCS, vol. 2727. Springer, Heidelberg (2003)
Ortiz, E.: A Survey of J2ME Today (October 2004)
Liberty Alliance Specifications, www.projectliberty.org
Kormann, D.P., Rubin, A.D.: Risks of the Passport Single Sign on Protocol, Computer Networks, vol. 33, pp. 51–58. Elsevier Science Press, Amsterdam (2000)
Pashalidis, A., Mitchell, C.: Using GSM/UMTS for Single Sign-On. In: Proceedings of SympoTIC 2003 Joint IST Workshop on Mobile Future Symposium on Trends in Communications, Bratislava, Slovakia, October 2003, pp. 138–145. IEEE Press, Los Alamitos (2003)
Pashalidis, A., Mitchell, C.J.: Single Sign-On using Trusted Platforms, Information Security. In: Boyd, C., Mao, W. (eds.) ISC 2003. LNCS, vol. 2851, pp. 54–68. Springer, Heidelberg (2003)
Jeong, J., Shin, D., Shin, D.: An XML-based Single Sign-On Scheme Supporting Mobile and Home Network Service Environments. IEEE Transactions on Consumer Electronics 50(4), 1081–1086 (2004)
Josephson, W., Sirer, E.G., Schneider, F.B.: Peer-to-Peer Authentication with a Distributed Single Sign-On Service. In: Voelker, G.M., Shenker, S. (eds.) IPTPS 2004. LNCS, vol. 3279, pp. 250–258. Springer, Heidelberg (2005)
Gehrmann, C., Nyberg, K., Mitchell, C.J.: Manual authentication for wireless devices. Cryptobytes 7(1), 29–37 (2004)
Schneier, B.: Applied Cryptography: Protocols, Algorithms and Source Code in C, 2nd edn. John Wiley & Sons, Inc., Chichester (1996)
RFC 1510, The Kerberos Network Authentication Service (V5), www.ietf.org/rfc/rfc1510.txt
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2006 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Chandershekarapuram, A., Vogiatzis, D., Vassilaras, S., Yovanof, G.S. (2006). Architecture Framework for Device Single Sign On in Personal Area Networks. In: Meersman, R., Tari, Z., Herrero, P. (eds) On the Move to Meaningful Internet Systems 2006: OTM 2006 Workshops. OTM 2006. Lecture Notes in Computer Science, vol 4278. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11915072_40
Download citation
DOI: https://doi.org/10.1007/11915072_40
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-48273-4
Online ISBN: 978-3-540-48276-5
eBook Packages: Computer ScienceComputer Science (R0)