Single sign on architecture with dynamic tokens

Abstract

Single Sign On (SSO) is a useful technology that allows users to skip bothersome authentication processes during accesses to multiple services. It is particularly useful for services for mobile terminals because of their limited resources and interfaces. Some existing SSO mechanisms only verify static data such as IDs and passwords. However, we consider that it will be quite useful if they could deal with dynamic data. We propose a new SSO architecture that uses a "Dynamic Token" that describe dynamic data such as a payment history. The architecture introduces an additional server, named "Circulator", which distributes the latest token values to service providers. Accordingly, the providers can correctly verify the token values sent from clients. This paper proposes an efficient algorithm for Circulator to effectively visit the providers. The result of our experiment shows the efficiency of the algorithm.