Secure World Wide Web Access to Server Groups

Existing World Wide Web (WWW) security is organized around server-specific realms. When several servers are interacted with in a secure manner, authentication information has to be provided for each server. Where separate servers co-operate to provide a set of distributed information as a server group, it is desirable to make authentication as transparent as possible. By extending the HyperText Transfer Protocol (HTTP) to include the server group information it is possible for a user to only provide authentication information once for an entire group of servers. Although we have also implemented these extensions for the Basic and Digest Authentication schemes, we argue that Mediated Digest Authentication is most suitable for secure server group scalability.

By: Andrew Hutchison, Matthias Kaiserswerth and Peter Trommler

Published in: Communications and Multimedia Security II, ed. P. Horster, London, Chapman & Hall, pp. 234-43, 1996

Please obtain a copy of this paper from your local library. IBM cannot distribute this paper externally.