Auth-SL - A system for the specification and enforcement of quality-based authentication policies

Anna C. Squicciarini, Abhilasha Bhargav-Spantzel, Elisa Bertino, Alexei B. Czeksis

Research output: Chapter in Book/Report/Conference proceedingConference contribution

8 Citations (Scopus)

Abstract

This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.

Original languageEnglish (US)
Title of host publicationInformation and Communications Security - 9th International Conference, ICICS 2007, Proceedings
Pages386-397
Number of pages12
StatePublished - Dec 1 2007
Event9th International Conference on Information and Communications Security, ICICS 2007 - Zhengzhou, China
Duration: Dec 12 2007Dec 15 2007

Publication series

NameLecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)
Volume4861 LNCS
ISSN (Print)0302-9743
ISSN (Electronic)1611-3349

Other

Other9th International Conference on Information and Communications Security, ICICS 2007
CountryChina
CityZhengzhou
Period12/12/0712/15/07

Fingerprint

Authentication
Specification
Specifications
Operating Systems
XML
Encoding
Policy
Module
Language

All Science Journal Classification (ASJC) codes

  • Theoretical Computer Science
  • Computer Science(all)

Cite this

Squicciarini, A. C., Bhargav-Spantzel, A., Bertino, E., & Czeksis, A. B. (2007). Auth-SL - A system for the specification and enforcement of quality-based authentication policies. In Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings (pp. 386-397). (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4861 LNCS).
Squicciarini, Anna C. ; Bhargav-Spantzel, Abhilasha ; Bertino, Elisa ; Czeksis, Alexei B. / Auth-SL - A system for the specification and enforcement of quality-based authentication policies. Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings. 2007. pp. 386-397 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).
@inproceedings{166229f3c45e416e98b6950d2e762a5e,
title = "Auth-SL - A system for the specification and enforcement of quality-based authentication policies",
abstract = "This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.",
author = "Squicciarini, {Anna C.} and Abhilasha Bhargav-Spantzel and Elisa Bertino and Czeksis, {Alexei B.}",
year = "2007",
month = "12",
day = "1",
language = "English (US)",
isbn = "9783540770473",
series = "Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)",
pages = "386--397",
booktitle = "Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings",

}

Squicciarini, AC, Bhargav-Spantzel, A, Bertino, E & Czeksis, AB 2007, Auth-SL - A system for the specification and enforcement of quality-based authentication policies. in Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings. Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics), vol. 4861 LNCS, pp. 386-397, 9th International Conference on Information and Communications Security, ICICS 2007, Zhengzhou, China, 12/12/07.

Auth-SL - A system for the specification and enforcement of quality-based authentication policies. / Squicciarini, Anna C.; Bhargav-Spantzel, Abhilasha; Bertino, Elisa; Czeksis, Alexei B.

Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings. 2007. p. 386-397 (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics); Vol. 4861 LNCS).

Research output: Chapter in Book/Report/Conference proceedingConference contribution

TY - GEN

T1 - Auth-SL - A system for the specification and enforcement of quality-based authentication policies

AU - Squicciarini, Anna C.

AU - Bhargav-Spantzel, Abhilasha

AU - Bertino, Elisa

AU - Czeksis, Alexei B.

PY - 2007/12/1

Y1 - 2007/12/1

N2 - This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.

AB - This paper develops a language and a reference architecture supporting the management and enforcement of authentication policies. Such language directly supports multi-factor authentication and the high level specification of authentication factors, in terms of conditions against the features of the various authentication mechanisms and modules. In addition the language supports a rich set of constraints; by using these constraints, one can specify for example that a subject must be authenticated by two credentials issued by different authorities. The paper presents a logical definition of the language and its corresponding XML encoding. It also reports an implementation of the proposed authentication system in the context of the FreeBSD Unix operating system (OS). Critical issues in the implementation are discussed and performance results are reported. These results show that the implementation is very efficient.

UR - http://www.scopus.com/inward/record.url?scp=38149112732&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=38149112732&partnerID=8YFLogxK

M3 - Conference contribution

AN - SCOPUS:38149112732

SN - 9783540770473

T3 - Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)

SP - 386

EP - 397

BT - Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings

ER -

Squicciarini AC, Bhargav-Spantzel A, Bertino E, Czeksis AB. Auth-SL - A system for the specification and enforcement of quality-based authentication policies. In Information and Communications Security - 9th International Conference, ICICS 2007, Proceedings. 2007. p. 386-397. (Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics)).