By Topic

A simple collaborative method in Web proxy access control for supporting complex authentication mechanisms

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$31 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

6 Author(s)
Takada, S. ; Grad. Sch. of Syst. & Inf. Eng., Univ. of Tsukuba, Tsukuba, Japan ; Sato, A. ; Shinjo, Y. ; Nakai, H.
more authors

Modern authentication mechanisms, including Shibboleth and OAuth, provide user attributes such as affiliations and e-mail addresses. Conventional collaborative methods have problems using such attributes in egress access control for the Web. This paper proposes a new collaborative method using Web browsers, proxy servers, and authentication servers. The proposed method simplifies communications among these elements by using a trusted shared repository that stores user attributes. A new authentication mechanism can be added to the system by deploying an authentication server of the new authentication mechanism. This authentication server is a Web application and stores user attributes in a shared repository associated with the user identifiers. When proxy servers receive requests from Web browsers, the proxy servers retrieve user attributes from the shared repository and the proxy servers decide whether or not to allow access to external Web pages in accordance with the URLs and relevant user attributes. Unlike in a standard such as the Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO), neither Web browsers nor proxy servers are required to include extensions for authentication mechanisms. On the basis of the simple collaborative method, the authors have implemented an egress access control system for the Web that performs user authentication with Shibboleth and Facebook. The access control system has been operational in a university library for more than a year.

Published in:

Collaborative Computing: Networking, Applications and Worksharing (CollaborateCom), 2012 8th International Conference on

Date of Conference:

14-17 Oct. 2012