|
The latest JavaTM security package
JAAS
gives developers a way to control the behaviour of an applet and its
access to the local resources on a per-user basis in addition to the
classical per-origin and per-signature basis. This authorisation
service is supported by an authentication component which decides who
is the current user of the JavaTM
Virtual Machine.
Smart cards have been widely recognized as an
efficient way to greatly improve the security of a user authentication
process.
Fortunately, the JAAS designers have carefully disconnected the
authentication task from other parts of the package: this task is
performed by a login module and custom ones can be added when needed.
This is the classical concept of Pluggable Authentication Module
(PAM). In this paper [16 kB, PDF format]
we describe an implementation of a JAAS login module which provides a
strong authentication of users by smart cards.
GDC 2000 Presentation
[1.3 MB, PDF format]
|
