Auth-SL - A System for the Specification and Enforcement of Quality-Based Authentication Policies

Get BibTex-formatted data

Author

Elisa Bertino

Entry type

article

Abstract

This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.

Date

2008

URL

http://www.springerlink.com/content/n7880q9u1n72253h/

Key alpha

Bertino

Pages

386-397

Publisher

Springer Berlin / Heidelberg

Volume

4861

Affiliation

Purdue University

Publication Date

2008-00-00

Copyright

2008

Isbn

978-3-540-77047-3

BibTex-formatted data

To refer to this entry, you may select and copy the text below and paste it into your BibTex document. Note that the text may not contain all macros that BibTex supports.

@Article{ Bertino,
	title = "Auth-SL - A System for the Specification and Enforcement of Quality-Based Authentication Policies",
	author = "Elisa Bertino",
	year = "2008",
	pages = "386-397",
	publisher = "Springer Berlin / Heidelberg",
	volume = "4861",
	abstract = "This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.",
	affiliation = "Purdue University",
	copyright = "2008",
	isbn = "978-3-540-77047-3",
	url = "http://www.springerlink.com/content/n7880q9u1n72253h/",
}