by Nalli, Sehar K

Abstract (Summary)
This thesis discusses a novel methodology to protect a user’s credentials in a centralized LDAP authentication environment. The work discusses the design and implementation of the Synchronized Token Generator System, which gives the user a temporary token they can use when authenticating to untrusted third parties such as service providers. This methodology addresses the risk that arises when users give their credentials to a service provider. In an LDAP environment it is necessary to give the service provider the user’s actual credentials, since the service provider sends these credentials to the central server for authentication. The service providers have plaintext access to the username/password pair (the user’s credentials) even when transmissions are encrypted, and they can easily store a copy of the user’s credentials. This research looked at existing solutions to this problem and found that most require the client programs to participate in a secure credential exchange system. This work proposes a solution that does not require modifications to the client or service provider programs. The result is a Synchronized Token Generator System that automatically generates temporary tokens that users use in place of their password during the authentication process.
Bibliographical Information:

School: Miami University

School Location: USA - Ohio

Source Type: Master's Thesis

Date of Publication: 01/01/2006
