Sciweavers

EUROPKI
2005
Springer

A Multipurpose Delegation Proxy for WWW Credentials

14 years 6 months ago
A Multipurpose Delegation Proxy for WWW Credentials
Credentials like passwords or cryptographic key pairs are a means to prove one’s identity to a web server. A practical problem in this context is the question of how a user can temporarily delegate the right to use a credential to another person without revealing the secret. Related to this is the issue of sharing a single credential among members of a group such that all of them may use the credential, but no one actually gets to know it. This paper presents and compares several solutions to solve these problems. One is a client-side approach, while the other three are man-in-the-middle architectures. We have implemented one of these, the HTTP proxy variant, as a prototype. Our TLS Authentication Proxy is capable of transparently authenticating with a target web server on behalf of users. It supports the major authentication methods used on the Internet, both for standard HTTP and SSL connections.
Tobias Straub, Thilo-Alexander Ginkel, Johannes Bu
Added 27 Jun 2010
Updated 27 Jun 2010
Type Conference
Year 2005
Where EUROPKI
Authors Tobias Straub, Thilo-Alexander Ginkel, Johannes Buchmann
Comments (0)