02-02-2013, 12:42 PM
A-Select: Hitchhiking in authentication space
A-Select Hitchhiking.ppt (Size: 213 KB / Downloads: 34)
Rationale for A-Select
A-Select is a weblogin system like pubcookie
Separation between authN and authZ
Better security thru stronger (local) authN
New authN methods shouldn’t bother apps
We’re looking for authN means that users already have: hitchhiking!
Differentiate between various levels of assurance
Implementation
A-Select server: Java
Apache + Tomcat
Crypto: Cryptix
SHA1 hashes + RSA signatures
Filters for Apache and IIS
Memory cookies:
Ticket granting ticket (for SSO)
Application ticket
Redirection to ASP
UDB:
JDBC
LDAP (v1.2)
SSL recommended but not required
License model
A-Select server & agent: free
ASPs IP address and RADIUS: free
ASPs SMS (and banking card): free for academic community
Other ASPs:
Do-it-yourself, or
Contract our developers
The Future of A-Select
Benchmarking of “similar” products
Functionality
With APIs for ASPs
Price
Your input is welcome!