Multiparty Joint Authentication: Extending the Semantics of Single Sign-On for Grids

  • Hui Liu
  • Minglu Li
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3252)


This paper regards Single Sign-On as an accumulation of a series of two-party authentication, multiparty authentication and authorization. Such a comprehension brings new semantics for Single Sign-On in grids: authentication service and authorization service are separable and could communicate with each other through SAML assertions; Single Sign-On could support both two-party and multiparty authentication. Multiparty Joint Authentication (MJA) is designed to simplify multiparty authentication in some security context. This paper describes MJA with graph theory model and proposes its definition formally. The internal sequence diagram of MJA, possible assertion format of MJA, and MJA’s interactions with other OGSA services are also illustrated to reveal a systematic view of this paradigm.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Ferreira, L., Berstis, V., Armstrong, J., Kendzierski, M., Neukoetter, A., Takagi, M., Bing- Wo, R., Amir, A., Murakawa, R., Hernandez, O., Magowan, J., Bieberstein, N.: Introduction to Grid Computing with Globus. IBM Corp. (2002)Google Scholar
  2. 2.
    Surridge, M., Upstill, C.: Grid Security: Lessons for Peer-to-Peer Systems. In: Shahmehri, N., Graham, R., Garroni, R. (eds.) Proc. of the 3rd Intl. Conf. on Peer-to-Peer Computing, pp. 2–6. IEEE Press, Sweden (2003)CrossRefGoogle Scholar
  3. 3.
    Foster, I., Kesselman, C., Tsudik, G., Tuecke, S.: A Security Architecture for Computational Grids. In: Gong, L., Reiter, M. (eds.) Proc. of the 5th ACM Conf. on Computer and Comm. Sec., pp. 83–92. ACM Press, New York (1998)Google Scholar
  4. 4.
    Volchkov, A.: Revisiting Single Sign-On: A Pragmatic Approach in a New Context. IT Pro 1, 39–45 (2001)CrossRefGoogle Scholar
  5. 5.
    Dae-Hee, S., Im-Yeong, L., Soo-Young, C., Choon-Soo, K.: Single Sign-On Systems Using Multi-Agent System. In: Gebali, F. (ed.) Proc. of IEEE Pacific Rim Conf. on Comm., Computers and Sig. Processing, pp. 692–695. IEEE Press, Canada (2003)Google Scholar
  6. 6.
    Novotny, J., Tuecke, S., Welch, V.: An Online Credential Repository for the Grid: MyProxy. In: Williams, A. (ed.) Proc. of 10th Intl. Symposium on H. Performance Distributed Computing, pp. 104–111. IEEE Press, California (2001)CrossRefGoogle Scholar
  7. 7.
    Welch, V., Siebenlist, F., Foster, I., Bresnahan, J., Czajkowski, K., Gawor, J., Kesselman, C., Meder, S., Pearlman, L., Tuecke, S.: Security for Grid Services. In: Azada, D. (ed.) Proc. of 12th Intl. Symposium on H. Performance Distributed Computing, pp. 48–57. IEEE Press, Washington (2003)CrossRefGoogle Scholar
  8. 8.
    Oppliger, R.: Microsoft.Net Passport: A Security Analysis. Computer 4, 29–35 (2003)CrossRefGoogle Scholar
  9. 9.
  10. 10.

Copyright information

© Springer-Verlag Berlin Heidelberg 2004

Authors and Affiliations

  • Hui Liu
    • 1
  • Minglu Li
    • 1
  1. 1.Department of Computer Science and EngineeringShanghai Jiaotong UniversityShanghaiChina

Personalised recommendations