Language Design for Token Server Authentication Policies

 
 
 
 

Language Design for Token Server Authentication Policies

Show full item record


Title: Language Design for Token Server Authentication Policies
Author: Busch, Rebecca Lynn
Description: There exist computer networks in which multiple services forward the credentials of their users to a central server for authentication. Though the communication lines between the services and the central server may be encrypted, each service has plaintext access to the username/password pairs and can easily store copies. A solution to this security problem is the use of a temporary token in place of the password. Substituting short-lived tokens for the real passwords solves the problem of compromised passwords since only the token may be stolen; however, the tokens may become compromised as well. For this reason, restrictions must be placed on the creation and validation of tokens to reduce the likelihood of their compromise. In this work, I present an authentication policy language developed to express the rules necessary to govern the token creation and validation processes.
Permanent Link: http://rave.ohiolink.edu/etdc/view?acc_num=miami1102097456
http://hdl.handle.net/2374.OX/19136
Date: 2004

Files in this item

Files Size Format View

There are no files associated with this item.

This item appears in the following Collection(s)

Show full item record