Publication Details

Wang, P., Mu, Y., Susilo, W. & Yan, J. (2010). Constructing an authentication token to access external services in service aggregation. 2010 IEEE 7th International Conference on Services Computing, SCC 2010 (pp. 321-328). Piscataway, New Jersey, USA: IEEE.


Service aggregation is becoming a cost-effective and time-efficient way for a business to develop new applications and services. While it creates tremendous opportunities in various industry sectors, its cross-organization nature raises serious challenges in the security domains for authentication. In this paper we formulate a formal definition of authentication in service aggregation and a security model for it, and propose two authentication protocols. One is a one-way protocol and another is an interactive one. In particular, the constructed authentication tokens are anonymous to verifiers. We prove their security, show how to choose optimal system parameters, and analyse the efficiency.



Link to publisher version (DOI)