2005 | OriginalPaper | Chapter
A Token-Based Single Sign-On Protocol
Authors : Li Hui, Shen Ting
Published in: Computational Intelligence and Security
Publisher: Springer Berlin Heidelberg
Activate our intelligent search to find suitable subject content or patents.
Select sections of text to find matching patents with Artificial Intelligence. powered by
Select sections of text to find additional relevant content using AI-assisted search. powered by
A token based single sign-on protocol for distribution systems is proposed in this paper. When a user
C
logs on a system, a centralized authentication server
A
will authenticate
C
and issue
C
a token which is signed by
A
and includes a session key generated by
A
as well as a time stamp.
C
can use the token to access any application server
S
.
S
will send the
C
’s request to the
A
. Then
A
will verify the validity of the token. There are two advantages of this protocol: 1) Time synchronization between severs
S
and the user
C
is not necessary. 2) All authentication state information such as session key is stored in the token rather than in the memory of
A
, thus the performance of
A
can be promoted effectively.We have used SVO logic to do formal analysis of this protocol.