A cross-layer SSO solution for federating access to kerberized services in the eduroam/DAMe network

Pérez-Méndez, Alejandro; Pereñíguez-García, Fernando; Marin-Lopez, Rafael; López-Millán, Gabriel

doi:10.1007/s10207-012-0174-5

Cited by 6 publications

(3 citation statements)

References 24 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Even though eduroam has been implemented in many Brazilian universities, we have noted, after consulting CAPES/MEC periodicals portal, that there is little research about the network. Most studies we have found were conducted in other countries, such as Spain (CABALLERO et al, 2016;SÁNCHEZ et al, 2009) and regards technical matters, like the network authentication system (LÓPEZ et al, 2008;MURUGANANTAM et al, 2005;PÉREZ-MÉNDEZ et al, 2012) and mobility (RAISCHEL et al, 2014;CRUZ et al, 2013). The context of the research, which considers the implementation of eduroam, is addressed in the following topic, as well as the research methodology.…”

Section: Technological Expansion and Its Implications: From Dumb Phonmentioning

confidence: 99%

Smartphones in Higher Education Classrooms: Motivations, Rules, and Consequences

2020

View full text Add to dashboard Cite

The growth in the use of smartphones is remarkable and reaches countless spheres of social life, one of them being the university. Nagumo (2014) and Selwyn (2014) highlight that there are few researches focused on understanding how technological devices like cellphones are used in teaching institutions; in addition to that, the Federal University of Sergipe (UFS) has recently implemented the international Internet network eduroam. In this context, this research aims to discover motivations to the use of smartphones by the students of the Departments of Vernacular Language (DLEV) and Modern Languages (DLES), as well as to analyze possible rules and consequences of using smartphones during classes at UFS. The methodology is qualitative - analytical-interpretative - and follows the procedures Freeman (1998) proposes, which include naming, grouping, finding relationship, and displaying. This research’s results and conclusions indicate that most students who participated in the research use smartphones to meet academic and entertainment aims. The rules and consequences in the classroom, however, diminish the use of the devices for being related to punishments. Similarly, eduroam discourages the use of smartphones because it presents barriers to the access of Internet.

show abstract

Section: Technological Expansion and Its Implications: From Dumb Phonmentioning

confidence: 99%

Smartphones in Higher Education Classrooms: Motivations, Rules, and Consequences

2020

View full text Add to dashboard Cite

show abstract

“…Aside from SAML and OpenID another SSO standard that is quite popular is Kerberos authentication. Kerberos provides single sign on through the generation of tickets [10]. These systems are also known as federated authentication standards and are used to authenticate users across different platform [11].SSO protocols like SAML, OAUTH and OpenID replaces traditionalauthentication by using a single source of authentication at the identity provider (IdP) [12].…”

Section: Related Workmentioning

confidence: 99%

Towards Adoption of Authentication and Authorization in Identity Management and Single Sign On

Joshi¹,

Cha²,

Sardari³

2018

Adv. sci. technol. eng. syst. j.

View full text Add to dashboard Cite

Identity and Access Management (IAM) and Single Sign on (SSO) are two security concepts that are related to each other. IAM governs the user access in an organization whereas SSO facilitates the user by authenticating to one centralized application and not having to re-authenticate when trying to access other applications. This paper addresses the different benefits that an IAM and SSO tool can provide to reduce the security risk within an organization. Since, authentication and authorization are one of the major concerns in the cyber security; this paper analyzes common problems that are faced during authentication and authorization. We have also analyzed prior researches that have been done in the IAM and SSO space along with conducting a survey to understand the different issues and benefits of IAM and SSO. From the survey that has been conducted, we have addressed different issues when implementing IAM and SSO solutions along with understanding the architecture, in which these solutions have been deployed into. The surveys conducted have been compared with prior researches done in IAM and SSO space to understand the benefits that the solution provides. The results from the survey have been analyzed to provide the best practices when implementing IAM and SSO solutions along with the benefits provided by the solution.

show abstract

“…Thus, the usage of Kerberos has been limited to controlling the access of local users registered in the service's domain. Recently, some alternatives, such as FedKERB, PanaKERB, and EduKERB, have been proposed to obtain the benefits of Kerberos without deploying an alternative cross‐realm infrastructure, by using a more common and widely used federation substrate: the AAA‐based federation. However, these solutions add or inflict changes in several entities and require new amendments to standards and related implementations.…”

Section: Related Workmentioning

confidence: 99%

Integrating an AAA‐based federation mechanism for OpenStack—The CLASSe view

Méndez

Millán

López

et al. 2017

Concurrency and Computation

View full text Add to dashboard Cite

Identity federations enable users, service providers and identity providers from different organizations to exchange authentication and authorization information in a secure way. In this paper we present a novel identity federation architecture for cloud services based on the integration of a cloud identity management service with an Authentication, Authorization and Accounting (AAA) infrastructure. Specifically we analyse how this type of AAA-based federation can be smoothly integrated into OpenStack, the leading open source cloud software solution, using the IETF Application Bridging for Federated Access Beyond web (ABFAB) specification for authentication and authorization. We provide details of the implementation undertaken in GÉANT s CLASSe project, and show its validation in a real testbed.

show abstract

A cross-layer SSO solution for federating access to kerberized services in the eduroam/DAMe network

Cited by 6 publications

References 24 publications

Smartphones in Higher Education Classrooms: Motivations, Rules, and Consequences

Smartphones in Higher Education Classrooms: Motivations, Rules, and Consequences

Towards Adoption of Authentication and Authorization in Identity Management and Single Sign On

Integrating an AAA‐based federation mechanism for OpenStack—The CLASSe view

Contact Info

Product

Resources

About