iAuth: An HTTP Authentication Framework Integrated into HTML Forms
スポンサーリンク
概要
- 論文の詳細を見る
Current Web authentication frameworks have well-known weaknesses. HTTP provides an access authentication framework, but it is rarely used because it lacks presentational control. Forms and cookies, which are most commonly used, have the long-standing privacy issue raised by tracking. URI sessions, which are used in some mobile services like i-mode 1.0, disclose session identifiers unintentionally. This paper proposes iAuth, which integrates better parts of the existing frameworks and fixes their problems; iAuth allows servers to provide log-in forms, and introduces a session header to avoid servers tracking and unintentional disclosure. Since iAuth has backward compatibility with the major legacy browsers, developers can freely introduce iAuth into their Web sites or browsers as needed. Experiments confirm its correct operation; an iAuth server is shown to support not only an iAuth client but major legacy browsers. We believe that iAuth will resolve the long-standing issues in Web authentication.
著者
-
INOUE Takeru
NTT Network Innovation Laboratories, NTT Corporation
-
KATAYAMA Yohei
NTT Network Innovation Laboratories, NTT Corporation
-
SATO Hiroshi
NTT Network Innovation Laboratories, NTT Corporation
-
TAKAHASHI Noriyuki
NTT Network Innovation Laboratories, NTT Corporation
関連論文
- iAuth: An HTTP Authentication Framework Integrated into HTML Forms
- Hierarchical Location Management Scheme Based on Collaboration of Mobile Nodes(Mobile Networking)(Internet Technology IV)
- Formulation of Tunneling Impact on Multicast Efficiency(Network Protocols, Topology and Fault Tolerance, Parallel/Distributed Computing and Networking)
- B-7-15 Power-Efficient Multi-layer Network Design
- B-7-53 Stable Cross-Layer Power-Saving Approach Through Dynamic Aggregation of Forwarding Engines
- iAuth : An HTTP Authentication Framework Integrated into HTML Forms
- Hybrid Hierarchical Overlay Routing (Hyho) : Towards Minimal Overlay Dilation(Protocols, Applications and Services)(New Thechnologies and their Applications of the Internet)
- Web API Database Systems for Rapid Web Application Development