Content Server 4
Content Server 4
Content Server 4
Multi-Agent System
Somchart Fugkeaw, Piyawit Manpanpanich, and Sekpon Juntapremjitt
Abstract This paper proposes an authentication approach to
support multi-clients in using a multi-application based
environment. The approach is primarily based on the public key
infrastructure (PKI) authentication scheme and the multi-agent
technique. A key pair and a certificate issued by the Certification
Authority (CA) are normally kept in a smart card or a token in
order to enforce two-factor authentication. Both key pair and
certificate are deployed to encrypt/decrypt electronic data or
transaction, or sign/authenticate the sender and the recipient. We
apply the Single Sign-On (SSO) and the Multi-Agent System
(MAS) concepts to facilitate the authentication and the
authorization process in order to work with multi-applications
and multi-clients more dynamically and efficiently. The agent
system is functioned when each client requests to sign on and it is
responsible for validating a client certificate, granting an access
role to the client, and controlling a concurrent use of applications.
Index Terms Authentication, Multi-application, Certification
Authority, SSO, Multi-Agent System.
I. INTRODUCTION
In general, the authentication within computing systems
encompasses
identity
verification,
message
origin
authentication, and message content authentication [1]. An
authentication scheme by PKI is a profound technique used in
most web-based applications in which the authentication is
needed to verify the authenticity of clients and entities using the
automated web-based information system. A variety of
methods are available for performing client authentication, and
these methods form the basis for access control systems [2].
Nowadays, distributed system environment may comprise
many system applications to support various business purposes
demanded by many clients. In such environment, a security,
non-repudiation and authentication technique is critically
required. The encryption and password authentication are a
common technique used by most applications. However, the
Manuscript received January 15, 2007. This work has been supported by
Thai Digital ID Co., Ltd.
Somchart Fugkeaw is with the CA Operation Department, Thai Digital ID
Co., Ltd., BKK 10500 Thailand, phone: (66)-2634-3230; fax: (66)-2634-3231;
e-mail: somchart@ thaidigitalid.com
Piyawit Manpanpanich is with the CA Operation Department, Thai Digital
ID Co., Ltd., BKK 10500 Thailand. (email: [email protected])
Sekpon Juntapremjitt is with the IT Security Consulting Department,
Whitehat
Certified
Co.,Ltd.,
BKK
10310
Thailand
(e-mail:
[email protected]).
1316
IMECS 2007
IMECS 2007
1317
1318
IMECS 2007
IV. IMPLEMENTATION
A. Overview of the Implementation
We initially prove our proposed idea on how the MAS
supports the multi-application authentication and management.
Therefore the primitive goal of our experiment is to verify that
the proposed MAS module is functionally correct and feasible
to support the authentication of multi-applications and
multi-clients. The test scenario consists of a web server, LDAP
directory, Database Oracle 9i. For the MAS module, we use
Java programming for the development.
In our initial experiment, ten clients are assigned to register
for the certificate and key pair, which are kept in the USB
e-token issued by the certification authority in order to use the
multiple web-based applications autonomously.
The clients need to perform two-factor authentication and
single sign on before accessing to web applications. The clients
will be allowed to get through the corresponding web
application when their authenticity and applications access
right are checked to be valid by the MAS engine.
IMECS 2007
1319
REFERENCES
[1]
1320
IMECS 2007