At present, network users have to remember a username and a corresponding password for every service with which they are registered. One solution to the security and usability implications of this situation is Single Sign-On, whereby the user authenticates only once to an 'Authentication Service Provider' (ASP) and subsequently uses disparate Service Providers (SPs) without necessarily re-authenticating. The information about the user's authentication status is handled between the ASP and the desired SP transparently to the user. This paper describes a method by which the end-user's computing platform itself plays the role of the ASP. The platform has to be a Trusted Platform conforming to the Trusted Computing Platform Alliance (TCPA) specifications. The relevant TCPA architectural components and security services are described and associated threats are analysed. © Springer-Verlag Berlin Heidelberg 2003.
CITATION STYLE
Pashalidis, A., & Mitchell, C. J. (2003). Single sign-on using trusted platforms. Lecture Notes in Computer Science (Including Subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), 2851, 54–68. https://doi.org/10.1007/10958513_5
Mendeley helps you to discover research relevant for your work.