Loading [MathJax]/extensions/MathMenu.js
Multiple-Tiered Security Hierarchy for Web Applications Using Central Authentication and Authorization Service | IEEE Conference Publication | IEEE Xplore
Access provided by:
MIT Libraries
Sign Out
Access provided by:
MIT Libraries
Sign Out
ADVANCED SEARCH
Conferences >2007 International Symposium ...

Multiple-Tiered Security Hierarchy for Web Applications Using Central Authentication and Authorization Service

PDF
Hisashi Naito; Shoji Kajita; Yasushi Hirano; Kenji Mase
All Authors

Abstract:

The central authentication service (CAS) is a middleware for constructing a single sign on infrastructure for Web applications and has been developed by JA-SIG. In this p...Show More

Metadata

Abstract:

The central authentication service (CAS) is a middleware for constructing a single sign on infrastructure for Web applications and has been developed by JA-SIG. In this paper, we investigate a multiple-tiered security hierarchy infrastructure for Web applications, by extending CAS to the central authentication and authorization service (CAS2). Since the new version of CAS (CAS3) supports the X.509 client certificate authentication, we use it as leverage to realize our multiple-tiered security hierarchy mechanism. As a result, CAS2 uses X.509 client certification for not only authentication, but also authorization
Published in: 2007 International Symposium on Applications and the Internet Workshops
Date of Conference: 15-19 January 2007
Date Added to IEEE Xplore: 12 February 2007
CD:0-7695-2757-4
DOI: 10.1109/SAINT-W.2007.80
Conference Location: Hiroshima, Japan
No metrics found for this document.
Contents

1. Introduction

Most higher educational institutions are struggling to provide efficient and effective information services due to the hierarchical and silo structure of service units. For example, a section that serves students independently works from a section that serves faculties for research. Therefore, each section has a tendency to provide its own information system that has its own authentication and authorization functions. As a result, various authentication and authorization functions are introduced; however, the existence of many authentication functions gives rise to a lot of authentication data for each person. It is well-known that such a situation induces not only increases in management costs but also decreases the security of information systems. Therefore, institutions are trying to introduce “unified authentication databases” to decrease management costs and to strengthening security.

Usage
Select a Year
2024

View as

Total usage sinceJan 2011:184
00.511.522.53JanFebMarAprMayJunJulAugSepOctNovDec000010002001
Year Total:4
Data is updated monthly. Usage includes PDF downloads and HTML views.
Citations
2
Crossref®
Search for
Citations in
Google Scholar®
Contact IEEE to Subscribe
More Like This
A New Model for Authentication and Authorization across Heterogeneous Trust-Domain

2008 International Conference on Computer Science and Software Engineering

Published: 2008

Enacting authorization models for object-oriented databases

Proceedings of 7th International Conference and Workshop on Database and Expert Systems Applications: DEXA 96

Published: 1996

Show More

References

References is not available for this document.

IEEE Account

Purchase Details

Profile Information

Need Help?

A not-for-profit organization, IEEE is the world's largest technical professional organization dedicated to advancing technology for the benefit of humanity.
© Copyright 2025 IEEE - All rights reserved. Use of this web site signifies your agreement to the terms and conditions.