Downloads: 101

Files in This Item:
File Description SizeFormat 
IEICE.tec.rep_IA2016-57.pdf714.77 kBAdobe PDFView/Open
Title: Design of a Threshold-based Authentication System Which Provides Attributes Using Secret Sharing
Other Titles: 属性情報を秘密分散した閾値型認証システムの設計
Authors: Ito, Tomohiro
Kotani, Daisuke  kyouindb  KAKEN_id  orcid https://orcid.org/0000-0003-4305-8379 (unconfirmed)
Okabe, Yasuo  kyouindb  KAKEN_id  orcid https://orcid.org/0000-0003-0825-2256 (unconfirmed)
Author's alias: 伊藤, 友浩
小谷, 大祐
岡部, 寿男
Keywords: Attributes
Secret Sharing
Threshold-based Authentication
属性情報
秘密分散
閾値型認証
Issue Date: Nov-2016
Publisher: Institute of Electronics, Information and Communication Engineers(IEICE)
Journal title: IEICE Technical Report
Volume: 116
Issue: 292
Start page: 7
End page: 12
Thesis number: IA2016-57
Abstract: In identity federation, each service provider verifies the identity of a user based on authentication performed by an authentication server called an Identity Provider (IdP). When the IdP suffer troubles like an unauthorized person has cracked into the IdP or the IdP is unreachable due to a network problem, all services in the federation are affected by them. Simple replication of servers for the IdP causes privacy concern because raw attribute values of users must be copied to many servers, including some servers that may not be fully trusted. In order to maintain the function as an IdP even under such troubles, we propose a system in which servers of the IdP are distributed and cooperate using threshold-based authentication and secret sharing. In this paper, we design the system from the viewpoint of management of attribute values so that an administrator of the IdP can update the values anytime while keeping consistency of attribute values among the servers in the IdP.
ID連携は,単一の認証サービスの結果を連携しているサービスが利用するため, 認証サービスへの不正アクセスや, ネットワークの障害が起こると, 連携している全てのサービスの利用に影響が出る. これを防ぐために複数の認証サービスを利用すると, ユーザの属性情報を分散させなければならず, プライバシー保護上の課題がある. 著者らは, 閾値型認証と秘密分散を用いて上記の問題点を解決するシステムを提案している. 本稿では, 分散時でも管理者が能動的に属性情報を管理でき, 属性情報更新時も整合性が維持できるように提案手法の詳細な設計を行う.
Description: JSPS 163rd Committee on Internet Technology / 第40回インターネット技術第163委員会研究会 -ITRC meet40-
Rights: © 2016 by IEICE
URI: http://hdl.handle.net/2433/217330
Related Link: http://www.ieice.org/ken/paper/201611090bmD/
Appears in Collections:Journal Articles

Show full item record

Export to RefWorks


Export Format: 


Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.