{"title":"A Single Sign on based secure remote user authentication scheme for Multi-Server Environments","authors":"S. Binu, M. Misbahuddin, P. Raj","doi":"10.1109/ICCCT2.2014.7066715","DOIUrl":null,"url":null,"abstract":"A Multi-Server Architecture comprises of a server environment having many different servers which provides the user the flexibility of accessing resources from multiple Service Providing Servers using the same credential. The primary objective of a Multi Server Environment (MSE) is to provide services of different Service Providers (SPs) without repeating registration at each SP server, and to get a unique single credential for all the servers in MSE. However, the conventional MSEs, proposed by various researchers, proposes the individual authentication service by each SP on their respective server using the credential issued by the Registration Authority of MSE. The mechanism requires the user to access each SP by keying the same credentials for every SP separately. Single Sign On (SSO) is an authentication mechanism that enables a user to sign-on once and access the services of various SPs in the same session. SAML is generally used as a Single Sign-On protocol. This work analyzes the smart card based authentication scheme for Multi-Server Environment proposed by Li et al.'s and discuss various security attacks on the said scheme. 
The paper also proposes a Secure Dynamic-ID based scheme using smart cards or crypto cards which do not require a verifier table and implements Single Sign On feature using SAML protocol, thus allowing the user to enjoy all the features of an MSE along with SSO.","PeriodicalId":6860,"journal":{"name":"2021 RIVF International Conference on Computing and Communication Technologies (RIVF)","volume":"7 1","pages":"1-6"},"PeriodicalIF":0.0000,"publicationDate":"2014-12-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"5","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"2021 RIVF International Conference on Computing and Communication Technologies (RIVF)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCCT2.2014.7066715","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Citation count: 5
Abstract
A Multi-Server Architecture comprises a server environment with many different servers, which gives the user the flexibility of accessing resources from multiple Service Providing Servers using the same credential. The primary objective of a Multi-Server Environment (MSE) is to provide the services of different Service Providers (SPs) without repeating registration at each SP server, and to obtain a unique single credential for all the servers in the MSE. However, the conventional MSEs proposed by various researchers have each SP perform authentication individually on its own server, using the credential issued by the Registration Authority of the MSE. This mechanism requires the user to access each SP by keying in the same credentials for every SP separately. Single Sign-On (SSO) is an authentication mechanism that enables a user to sign on once and access the services of various SPs in the same session. SAML is generally used as a Single Sign-On protocol. This work analyzes the smart-card-based authentication scheme for Multi-Server Environments proposed by Li et al. and discusses various security attacks on the said scheme. The paper also proposes a Secure Dynamic-ID based scheme using smart cards or crypto cards, which does not require a verifier table and implements the Single Sign-On feature using the SAML protocol, thus allowing the user to enjoy all the features of an MSE along with SSO.