Re: [higgins-dev] Design review on Auth Service

Hello Paul,

I think we don't need to store the "selector public key" on AuthService. It may be more secure if the client generates a new selector key pair each time before starting the authentication process (session key pair). LICS is a C++ application; key pair generation with OpenSSL takes less than one second.

AuthService has to verify username, hash-of-password and serial number for authenticating; if the credentials are valid, AuthService generates an access token which includes the data needed for Higgins services (CardSync, AttributeService, etc.), at least userId and "selector public key". This token must be signed with the AuthService x509 certificate, so Higgins services will be able to validate the token signature and associate userId and "selector public key" for the current session. AuthService also may/has to encrypt the access token by using the selector public key, so the selector has to decrypt this token before including it in the request for obtaining a session token. A request to a Higgins service (CardSync, AttributeService, etc.) must be signed by using the "selector private key" and must be encrypted by using the x509 certificate of the Higgins service, or delivered over an SSL connection. So the Higgins service has to validate the "request signature" and the "access token signature". The response ("session token") must be encrypted by using the "selector public key" (the service takes it from the access token).

The client (LICS) may send the same access token to all Higgins services, but the "session token" will be associated with the corresponding service.

Do you agree?


I don't understand why the selector has to store and check the password hash ( http://wiki.eclipse.org/Authentication_Service_1.1#Authenticating_the_user )?

Just the "session token" has an idle time; it is needed for avoiding out-of-memory exceptions. Higgins services (CardSync, AttributeService, etc.) have to store some data (userId, selector public key) associated with the session token id in memory and distribute it between the installed nodes (in a cluster environment).

-- 
thanks,
Alexander Yuhimenko

On Thu, 24 Sep 2009 15:07:39 -0400
Paul Trevithick <ptrevithick@xxxxxxxxx> wrote:

> Alex, 
> 
> I've tried to capture our latest thinking on the Higgins Auth Service here:
> http://wiki.eclipse.org/Authentication_Service_1.1
> 
> Please review/edit/fix that page.
> 
> --Paul
