A Hybrid Multi-Application Authentication and Authorization Model using Multi-Agent System and PKI

S. Fugkeaw, P. Manpanpanich, and S. Juntapremjitt (Thailand)


Single Sign-On, Authentication, Authorization, Multi application, PKI, and Multi-Agent System.


Authentication, Authorization, Accountability (AAA) is always required for a good access control system. This paper proposes a Single Sign-On (SSO) model that serves the AAA property with the activity-based policy. The trust in this approach is enabled by the use of public key infrastructure (PKI) which is applied for client two-factor authentication and secures the infrastructure. We introduce the preventive activity-based authorization policy for dynamic user privilege controls. It helps prevent successive unauthorized requests in a formal manner. At the core, we apply the Multi-Agent System (MAS) concept to facilitate the authentication and the authorization process in order to work with multi applications and multi-clients more dynamically and efficiently. The agent system functions when each client requests to sign on and it is responsible for validating a client certificate, granting an access role to the client, and controlling a concurrent use of applications.

Important Links:

Go Back