mpm + authentication   21

Application Layer Transport Security
The ALTS trust model has been tailored for cloud-like containerized applications. Identities are bound to entities instead of to a specific server name or host. This trust model facilitates seamless microservice replication, load balancing, and rescheduling across hosts
authentication  authorization  protocol  confidentiality 
may 2019 by mpm
Identity Provider Overview - Persona
A Persona Identity Provider (IdP) is a domain which directly signs and certifies the identities of its users. Because Persona identities are based on email addresses, any domain which offers email to its users is a natural fit for becoming an IdP. If you have a domain name, you can become a Persona IdP by implementing support for the underlying BrowserID protocol.
identity  authentication 
march 2013 by mpm
RESTful Authentication Pattern for the Hypertext Transport Protocol
This document proposes a "RESTful" pattern of authentication for HTTP/1.0, 1.1, and 2.0.
rest  http  authentication 
august 2012 by mpm
How BrowserID Works
BrowserID is a decentralized identity system that makes it possible for users to prove ownership of email addresses in a secure manner, without requiring per-site passwords. BrowserID is hoped to ultimately become an alternative to the tradition of ad-hoc application-level authentication based on site-specific user-names and passwords.
browser  identity  authentication 
july 2011 by mpm
Data Management for Internet-Scale Single-Sign-On
We describe the data management requirements and architecture for this service, the problems we encountered, and the experience we’ve had running it. In doing so we provide perspective on “where theory meets practice.”
authentication  confidentiality  integrity 
february 2011 by mpm
Alfredo is a Java library consisting of a client and a server components to enable Kerberos SPNEGO authentication for HTTP.
java  integrity  confidentiality  authentication 
january 2011 by mpm
Simple Secure 3rd Party Auth is an experiment in using standardized cryptography written by real cryptographers (not me) to implement a simple 3rd party authentication service. The goal is to have a secure way for websites to store their users "offsite" but still own all their users.
authentication  javascript  web 
december 2010 by mpm
SRP is the newest addition to a new class of strong authentication protocols that resist all the well-known passive and active attacks over the network. SRP borrows some elements from other key-exchange and identification protcols and adds some subtle modifications and refinements. The result is a protocol that preserves the strength and efficiency of the EKE family protocols while fixing some of their shortcomings
december 2010 by mpm
Hybrid one-time authentication
want to use my yubikey to authenticate to my dedicated linux server, with OATH-HOTP
june 2010 by mpm
Jespa is a Java software library that provides advanced integration between Microsoft Active Directory and Java applications
authentication  authorization  java  windows  integrity 
march 2009 by mpm
The OpenId Sequence Diagram
It is a complex protocol though as the following sequence diagram illustrates, and this may be a problem for automated agents that need to jump around the web from hyperlink to hyperlink, as hyperdata agents tend to do.
authentication  integrity  web  identity 
february 2009 by mpm
Active Directory integration in Java
Since people still seem to be rather clueless and waste a lot of time by trying to configure general-purpose LDAP or JNDI authentication mechanism to talk to Active Directory, here's how your program can talk to Active Directory from domain name:
authentication  authorization  integrity  java 
june 2008 by mpm
Free IPA
FreeIPA is an integrated security information management solution combining Linux (Fedora), Fedora Directory Server, MIT Kerberos, NTP, DNS. It consists of a web interface and command-line administration tools. Currently it supports identity management with plans to support policy and auditing management.
identity  authentication  authorization  linux  unix 
march 2008 by mpm
Lasso - Liberty Alliance Single Sign On
a free software C library aiming to implement the Liberty Alliance standards; it defines processes for federated identities, single sign-on and related protocols
identity  authentication  integrity 
february 2008 by mpm
strong password hashing for Python
python  authentication  confidentiality 
october 2007 by mpm
Practical Principles for Computer Security
The key ideas are principals, a relation between principals called “speaks for”, a logic for reasoning about what resources a principal can speak for, and rules for abstracting from the bits exchanged among interacting parties to logical formulas. These ideas provide a way to reason formally about delegation, names, groups, computer systems, applications, and authorization policy.
authentication  authorization  integrity 
october 2007 by mpm
strong password hashing for Java
java  confidentiality  authentication 
september 2007 by mpm
client library that implements the CIFS/SMB networking protocol in 100% Java
java  authentication 
september 2007 by mpm
Therefore, the task at hand is to define ways for taking such JAAS-based security services to the next level, to help in linking SOA services.
java  authentication  authorization  integrity 
september 2006 by mpm
Seeking Scalable Web Authentication
The traditional J2EE approach to authentication sessions is placing identity information in the servlets Session object. The memory used by the Sessions, and potential need to replicate them, places a drag on scalability. In this article, I propose a different approach that is more scalable because it requires less shared state.
web  java  authentication  authorization  integrity 
may 2006 by mpm

Copy this bookmark: