An architecture to resilient and highly available identity providers based on OpenID standard
Ano de defesa: | 2014 |
---|---|
Autor(a) principal: | |
Outros Autores: | |
Orientador(a): | |
Banca de defesa: | |
Tipo de documento: | Dissertação |
Tipo de acesso: | Acesso aberto |
Idioma: | eng |
Instituição de defesa: |
Universidade Federal do Amazonas
Instituto de Computação Brasil UFAM Programa de Pós-graduação em Informática |
Programa de Pós-Graduação: |
Não Informado pela instituição
|
Departamento: |
Não Informado pela instituição
|
País: |
Não Informado pela instituição
|
Palavras-chave em Português: | |
Link de acesso: | http://tede.ufam.edu.br/handle/handle/4431 |
Resumo: | Secure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses the second approach, which seeks to defend itself of some specific attacks, and assumes that eventually the system may suffer an intrusion or fault. Hence, the system does not try avoiding the problems, but tolerate them by using intelligent mechanisms which allow the system keep executing in a trustworthy and safe state. This research presents a resilient architecture to authentication services based on OpenID by the use of fault and intrusion tolerance protocols, as well as a functional prototype. Through the several performed tests, it was possible to note that our system presents a better performance than a standard OpenID service, but with additional resilience, high availability, protection of the sensitive data, beyond fault and intrusion tolerance, always keeping the compatibility with the current OpenID clients. |
id |
UFAM_0d62082421a50b9cbc284798a860bd15 |
---|---|
oai_identifier_str |
oai:https://tede.ufam.edu.br/handle/:tede/4431 |
network_acronym_str |
UFAM |
network_name_str |
Biblioteca Digital de Teses e Dissertações da UFAM |
repository_id_str |
|
spelling |
An architecture to resilient and highly available identity providers based on OpenID standardUma arquitetura para provedores de identidade resistente e altamente disponíveis com base no padrão OpenIDTolerância a faltas e intrusõesSistemas resilientesReplicação de máquinas de estadoFault and intrusion toleranceResilient systemsState machine replicationAuthentication and authorization infra-structuresOpenIDCIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃOSecure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses the second approach, which seeks to defend itself of some specific attacks, and assumes that eventually the system may suffer an intrusion or fault. Hence, the system does not try avoiding the problems, but tolerate them by using intelligent mechanisms which allow the system keep executing in a trustworthy and safe state. This research presents a resilient architecture to authentication services based on OpenID by the use of fault and intrusion tolerance protocols, as well as a functional prototype. Through the several performed tests, it was possible to note that our system presents a better performance than a standard OpenID service, but with additional resilience, high availability, protection of the sensitive data, beyond fault and intrusion tolerance, always keeping the compatibility with the current OpenID clients.Quando se trata de sistemas e serviços de autenticação seguros, há duas abordagens principais: a primeira procura estabelecer defesas para todo e qualquer tipo de ataque. Na verdade, a maioria dos serviços atuais utilizam esta abordagem, a qualsabe-sequeéinfactívelefalha. Nossapropostautilizaasegundaabordagem, a qual procura se defender de alguns ataques, porém assume que eventualmente o sistema pode sofrer uma intrusão ou falha e ao invés de tentar evitar, o sistema simplesmente as tolera através de mecanismos inteligentes que permitem manter o sistema atuando de maneira confiável e correta. Este trabalho apresenta uma arquiteturaresilienteparaserviçosdeautenticaçãobaseadosemOpenIDcomuso deprotocolosdetolerânciaafaltaseintrusões, bemcomoumprotótipofuncional da arquitetura. Por meio dos diversos testes realizados foi possível verificar que o sistema apresenta um desempenho melhor que um serviço de autenticação do OpenID padrão, ainda com muito mais resiliência, alta disponibilidade, proteção a dados sensíveis e tolerância a faltas e intrusões. Tudo isso sem perder a compatibilidade com os clientes OpenID atuais.Não InformadaUniversidade Federal do AmazonasInstituto de ComputaçãoBrasilUFAMPrograma de Pós-graduação em InformáticaFeitosa, Eduardo Luzeirohttp://lattes.cnpq.br/5939944067207881Souto, Eduardo James Pereirahttp://lattes.cnpq.br/3875301617975895Pio, José Luiz de Souzahttp://lattes.cnpq.br/1014904168887285Cunha, Hugo Assishttp://lattes.cnpq.br/20227251988046242015-07-20T14:12:26Z2014-09-26info:eu-repo/semantics/publishedVersioninfo:eu-repo/semantics/masterThesisapplication/pdfCUNHA, Hugo Assis. An architecture to resilient and highly available identity providers based on OpenID standard. 2014. 103 f. Dissertação (Mestrado em Informática) - Universidade Federal do Amazonas, Manaus, 2014.http://tede.ufam.edu.br/handle/handle/4431enginfo:eu-repo/semantics/openAccessreponame:Biblioteca Digital de Teses e Dissertações da UFAMinstname:Universidade Federal do Amazonas (UFAM)instacron:UFAM2016-05-11T14:36:28Zoai:https://tede.ufam.edu.br/handle/:tede/4431Biblioteca Digital de Teses e Dissertaçõeshttp://200.129.163.131:8080/PUBhttp://200.129.163.131:8080/oai/requestddbc@ufam.edu.br||ddbc@ufam.edu.bropendoar:65922016-05-11T14:36:28Biblioteca Digital de Teses e Dissertações da UFAM - Universidade Federal do Amazonas (UFAM)false |
dc.title.none.fl_str_mv |
An architecture to resilient and highly available identity providers based on OpenID standard Uma arquitetura para provedores de identidade resistente e altamente disponíveis com base no padrão OpenID |
title |
An architecture to resilient and highly available identity providers based on OpenID standard |
spellingShingle |
An architecture to resilient and highly available identity providers based on OpenID standard Cunha, Hugo Assis Tolerância a faltas e intrusões Sistemas resilientes Replicação de máquinas de estado Fault and intrusion tolerance Resilient systems State machine replication Authentication and authorization infra-structures OpenID CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO |
title_short |
An architecture to resilient and highly available identity providers based on OpenID standard |
title_full |
An architecture to resilient and highly available identity providers based on OpenID standard |
title_fullStr |
An architecture to resilient and highly available identity providers based on OpenID standard |
title_full_unstemmed |
An architecture to resilient and highly available identity providers based on OpenID standard |
title_sort |
An architecture to resilient and highly available identity providers based on OpenID standard |
author |
Cunha, Hugo Assis |
author_facet |
Cunha, Hugo Assis http://lattes.cnpq.br/2022725198804624 |
author_role |
author |
author2 |
http://lattes.cnpq.br/2022725198804624 |
author2_role |
author |
dc.contributor.none.fl_str_mv |
Feitosa, Eduardo Luzeiro http://lattes.cnpq.br/5939944067207881 Souto, Eduardo James Pereira http://lattes.cnpq.br/3875301617975895 Pio, José Luiz de Souza http://lattes.cnpq.br/1014904168887285 |
dc.contributor.author.fl_str_mv |
Cunha, Hugo Assis http://lattes.cnpq.br/2022725198804624 |
dc.subject.por.fl_str_mv |
Tolerância a faltas e intrusões Sistemas resilientes Replicação de máquinas de estado Fault and intrusion tolerance Resilient systems State machine replication Authentication and authorization infra-structures OpenID CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO |
topic |
Tolerância a faltas e intrusões Sistemas resilientes Replicação de máquinas de estado Fault and intrusion tolerance Resilient systems State machine replication Authentication and authorization infra-structures OpenID CIÊNCIAS EXATAS E DA TERRA: CIÊNCIA DA COMPUTAÇÃO |
description |
Secure authentication services and systems typically are based on two main approaches: the first one seeks to defend itself of all kind of attack. Actually, the major current services use this approach, which is known for present failures as well as being completely infeasible. Our proposal uses the second approach, which seeks to defend itself of some specific attacks, and assumes that eventually the system may suffer an intrusion or fault. Hence, the system does not try avoiding the problems, but tolerate them by using intelligent mechanisms which allow the system keep executing in a trustworthy and safe state. This research presents a resilient architecture to authentication services based on OpenID by the use of fault and intrusion tolerance protocols, as well as a functional prototype. Through the several performed tests, it was possible to note that our system presents a better performance than a standard OpenID service, but with additional resilience, high availability, protection of the sensitive data, beyond fault and intrusion tolerance, always keeping the compatibility with the current OpenID clients. |
publishDate |
2014 |
dc.date.none.fl_str_mv |
2014-09-26 2015-07-20T14:12:26Z |
dc.type.status.fl_str_mv |
info:eu-repo/semantics/publishedVersion |
dc.type.driver.fl_str_mv |
info:eu-repo/semantics/masterThesis |
format |
masterThesis |
status_str |
publishedVersion |
dc.identifier.uri.fl_str_mv |
CUNHA, Hugo Assis. An architecture to resilient and highly available identity providers based on OpenID standard. 2014. 103 f. Dissertação (Mestrado em Informática) - Universidade Federal do Amazonas, Manaus, 2014. http://tede.ufam.edu.br/handle/handle/4431 |
identifier_str_mv |
CUNHA, Hugo Assis. An architecture to resilient and highly available identity providers based on OpenID standard. 2014. 103 f. Dissertação (Mestrado em Informática) - Universidade Federal do Amazonas, Manaus, 2014. |
url |
http://tede.ufam.edu.br/handle/handle/4431 |
dc.language.iso.fl_str_mv |
eng |
language |
eng |
dc.rights.driver.fl_str_mv |
info:eu-repo/semantics/openAccess |
eu_rights_str_mv |
openAccess |
dc.format.none.fl_str_mv |
application/pdf |
dc.publisher.none.fl_str_mv |
Universidade Federal do Amazonas Instituto de Computação Brasil UFAM Programa de Pós-graduação em Informática |
publisher.none.fl_str_mv |
Universidade Federal do Amazonas Instituto de Computação Brasil UFAM Programa de Pós-graduação em Informática |
dc.source.none.fl_str_mv |
reponame:Biblioteca Digital de Teses e Dissertações da UFAM instname:Universidade Federal do Amazonas (UFAM) instacron:UFAM |
instname_str |
Universidade Federal do Amazonas (UFAM) |
instacron_str |
UFAM |
institution |
UFAM |
reponame_str |
Biblioteca Digital de Teses e Dissertações da UFAM |
collection |
Biblioteca Digital de Teses e Dissertações da UFAM |
repository.name.fl_str_mv |
Biblioteca Digital de Teses e Dissertações da UFAM - Universidade Federal do Amazonas (UFAM) |
repository.mail.fl_str_mv |
ddbc@ufam.edu.br||ddbc@ufam.edu.br |
_version_ |
1797040482636791808 |