About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
IEEE Internet Computing
Paper
Analysis of Liberty Single-Sign-on with Enabled Clients
Abstract
The Liberty-enabled client and proxy (LECP) protocol's profile is discussed. The LECP protocol is essentially a three-party authentication and channel-establishment in the standard setting of protocols such as Needham-Schroeder or Kerberos, in which all three parties run specific protocol engines. The main advantage of channel-based protocols is that they work with secure sockets layer (SSL) or transport-layer security (TLS), the only current ubiquitous cryptographic infrastructure. Several concerns disappear with an enabled client, as in the LECP protocol, if the operational and user-interface aspects are well designed.