Dissertação

An architecture to resilient and highly available identity providers based on OpenID standard

Secure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses...

ver descrição completa

Autor principal: Cunha, Hugo Assis
Outros Autores: http://lattes.cnpq.br/2022725198804624
Grau: Dissertação
Idioma: eng
Publicado em: Universidade Federal do Amazonas 2015
Assuntos:
Tolerância a faltas e intrusões
Sistemas resilientes
Replicação de máquinas de estado
Fault and intrusion tolerance
Resilient systems
State machine replication
Authentication and authorization infra-structures
OpenID
CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO
Acesso em linha: http://tede.ufam.edu.br/handle/handle/4431
id oai:https:--tede.ufam.edu.br-handle-:tede-4431
recordtype dspace
spelling oai:https:--tede.ufam.edu.br-handle-:tede-44312016-05-11T14:36:28Z An architecture to resilient and highly available identity providers based on OpenID standard Uma arquitetura para provedores de identidade resistente e altamente disponíveis com base no padrão OpenID Cunha, Hugo Assis Feitosa, Eduardo Luzeiro http://lattes.cnpq.br/2022725198804624 http://lattes.cnpq.br/5939944067207881 Souto, Eduardo James Pereira http://lattes.cnpq.br/3875301617975895 Pio, José Luiz de Souza http://lattes.cnpq.br/1014904168887285 Tolerância a faltas e intrusões Sistemas resilientes Replicação de máquinas de estado Fault and intrusion tolerance Resilient systems State machine replication Authentication and authorization infra-structures OpenID CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO Secure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses the second approach, which seeks to defend itself of some specific attacks, and assumes that eventually the system may suffer an intrusion or fault. Hence, the system does not try avoiding the problems, but tolerate them by using intelligent mechanisms which allow the system keep executing in a trustworthy and safe state. This research presents a resilient architecture to authentication services based on OpenID by the use of fault and intrusion tolerance protocols, as well as a functional prototype. Through the several performed tests, it was possible to note that our system presents a better performance than a standard OpenID service, but with additional resilience, high availability, protection of the sensitive data, beyond fault and intrusion tolerance, always keeping the compatibility with the current OpenID clients. Quando se trata de sistemas e serviços de autenticação seguros, há duas abordagens principais: a primeira procura estabelecer defesas para todo e qualquer tipo de ataque. Na verdade, a maioria dos serviços atuais utilizam esta abordagem, a qualsabe-sequeéinfactívelefalha. Nossapropostautilizaasegundaabordagem, a qual procura se defender de alguns ataques, porém assume que eventualmente o sistema pode sofrer uma intrusão ou falha e ao invés de tentar evitar, o sistema simplesmente as tolera através de mecanismos inteligentes que permitem manter o sistema atuando de maneira confiável e correta. Este trabalho apresenta uma arquiteturaresilienteparaserviçosdeautenticaçãobaseadosemOpenIDcomuso deprotocolosdetolerânciaafaltaseintrusões, bemcomoumprotótipofuncional da arquitetura. Por meio dos diversos testes realizados foi possível verificar que o sistema apresenta um desempenho melhor que um serviço de autenticação do OpenID padrão, ainda com muito mais resiliência, alta disponibilidade, proteção a dados sensíveis e tolerância a faltas e intrusões. Tudo isso sem perder a compatibilidade com os clientes OpenID atuais. Não Informada 2015-07-20T14:12:26Z 2014-09-26 Dissertação CUNHA, Hugo Assis. An architecture to resilient and highly available identity providers based on OpenID standard. 2014. 103 f. Dissertação (Mestrado em Informática) - Universidade Federal do Amazonas, Manaus, 2014. http://tede.ufam.edu.br/handle/handle/4431 eng Acesso Aberto application/pdf Universidade Federal do Amazonas Instituto de Computação Brasil UFAM Programa de Pós-graduação em Informática
institution TEDE - Universidade Federal do Amazonas
collection TEDE-UFAM
language eng
topic Tolerância a faltas e intrusões
Sistemas resilientes
Replicação de máquinas de estado
Fault and intrusion tolerance
Resilient systems
State machine replication
Authentication and authorization infra-structures
OpenID
CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO
spellingShingle Tolerância a faltas e intrusões
Sistemas resilientes
Replicação de máquinas de estado
Fault and intrusion tolerance
Resilient systems
State machine replication
Authentication and authorization infra-structures
OpenID
CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO
Cunha, Hugo Assis
An architecture to resilient and highly available identity providers based on OpenID standard
topic_facet Tolerância a faltas e intrusões
Sistemas resilientes
Replicação de máquinas de estado
Fault and intrusion tolerance
Resilient systems
State machine replication
Authentication and authorization infra-structures
OpenID
CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO
description Secure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses the second approach, which seeks to defend itself of some specific attacks, and assumes that eventually the system may suffer an intrusion or fault. Hence, the system does not try avoiding the problems, but tolerate them by using intelligent mechanisms which allow the system keep executing in a trustworthy and safe state. This research presents a resilient architecture to authentication services based on OpenID by the use of fault and intrusion tolerance protocols, as well as a functional prototype. Through the several performed tests, it was possible to note that our system presents a better performance than a standard OpenID service, but with additional resilience, high availability, protection of the sensitive data, beyond fault and intrusion tolerance, always keeping the compatibility with the current OpenID clients.
author_additional Feitosa, Eduardo Luzeiro
author_additionalStr Feitosa, Eduardo Luzeiro
format Dissertação
author Cunha, Hugo Assis
author2 http://lattes.cnpq.br/2022725198804624
author2Str http://lattes.cnpq.br/2022725198804624
title An architecture to resilient and highly available identity providers based on OpenID standard
title_short An architecture to resilient and highly available identity providers based on OpenID standard
title_full An architecture to resilient and highly available identity providers based on OpenID standard
title_fullStr An architecture to resilient and highly available identity providers based on OpenID standard
title_full_unstemmed An architecture to resilient and highly available identity providers based on OpenID standard
title_sort architecture to resilient and highly available identity providers based on openid standard
publisher Universidade Federal do Amazonas
publishDate 2015
url http://tede.ufam.edu.br/handle/handle/4431
_version_ 1831969283987472384
score 11.753735

Registros relacionados