Provably Secure Single Sign-On Scheme in Distributed Systems and Networks
Distributed systems and networks have been adopted by telecommunications, remote education, businesses, armies and governments. A widely applied technique for distributed systems and networks is Single Sign-On (SSO), which enables a user to use a unitary secure credential (or token) to access multiple computers and systems where he/she has access permissions. However, most existing SSO schemes have not been formally proved to satisfy credential privacy and soundness of credential-based authentication. To overcome this drawback, the authors formalize the security model of a single sign-on scheme with authenticated key exchange. Specifically, they point out the difference between soundness and credential privacy, and define them together in one definition.