Abstract
|
In this paper we propose a set of componen … In this paper we propose a set of components and tools for building more secure and dependable authentication and authorization infrastructures. We discuss and demonstrate how our architecture can be applied to different services, such as RADIUS and OpenID. We also provide details about the essential system elements such as trusted components, which are required for ensuring the confidentiality of sensitive data and operations in authentication services. Additionally, the two implemented prototypes are evaluated in fault-free executions, under faults, under attack, and in distinct computing environments. The results show that our prototypes, beyond being more secure and dependable, are capable of achieving the performance requirements of enterprise environments, such as IT infrastructures with more than 200k users. infrastructures with more than 200k users.
|