Novel Single Sign On Architecture Based on the Subscriber Identity Module for Web Services |
The need to authenticate in Internet services has increased considerably over the past years. Every time the user wishes to access his web services, he has to prove his identity by providing his credentials. Therefore, knowledge based authentication methods (e.g. password) are inadequate, and bring in weaknesses in the security authentication chain. As a result, novel solutions are required to avoid the burden of repeated re-authentications and enhance authentication methods (e.g. strong authentication).
Stienne DS, Clarke NL, Reynolds PL
In order to solve the first point, the research has investigated an existing solution called Single Sign On (SSO). SSO is a concept which exonerates the user from re-authenticating. There are different ways to provide SSO, and the research has chosen to study different Authentication Authorisation Infrastructure (AAI), on one side the Liberty Alliance project and on the other side the Shibboleth project.
However these infrastructures do not improve the authentication process and consequently this paper has introduced a new component in the AAI architecture: the Subscriber Identity Module (SIM) which brings a strong authentication capability. In order to create such a concept, the research has developed a novel framework where web services can interact with the SIM card to authenticate the user.