Global Login System is an open source single sign-on protocol. It is designed so that any user logged in to his or her account on one of the sites using it is authenticated when visiting any other site using it. It aims to be used universally over the Internet, so that each user needs only one account, with login and password, on one designated home site in order to access anything and operate anywhere on the web that s/he is allowed to. It differs from other single sign-on systems in that there is no central database of users, so the system can scale indefinitely by allowing every site of the network to have a separate (hidden) list of users.

Description

Since there is no central user database, a simple request to some web application typed in the address bar of the browser cannot provide authentication, as the application cannot guess which server it should ask for the identity of the user. Instead, users must first log in to their home accounts, then access other resources from there through special bookmarks that carry out this authentication.

We also use a system of multiple pseudos per login, so that the user can visit the web under different pseudos from the same account. Each user is identified by the pair (pseudo, home site): such a pair represents only one user, but for the sake of anonymity, different such pairs can represent the same user. So, the pseudo under which s/he will visit a given bookmark can be chosen from the list of pseudos in his or her home account before using the bookmark.

Each server has a database of symmetric keys for encrypted communication with every other server. So, a bookmark from the home site A of a user to another site B contains a signal encrypted with the key shared between A and B, containing some information including the chosen pseudo of the user.
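The bookmark signal described above, sketched in Go as an added example (it is not the project's own code): site A seals the chosen pseudo with the key it shares with B, and B accepts the pseudo only if the signal verifies under the key of the home site named in the bookmark. The page does not specify a cipher or the signal's fields, so AES-GCM, the issue timestamp, the binding of both site names as associated data, and the names `PairCipher`, `IssueSignal` and `VerifySignal` are all assumptions.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"encoding/binary"
	"fmt"
	"time"
)

// PairCipher builds AES-GCM from the key one pair of sites shares (16, 24 or 32 bytes).
func PairCipher(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// IssueSignal (home site A) seals issue time + pseudo; the site pair is associated data.
func IssueSignal(g cipher.AEAD, home, dest, pseudo string, now time.Time) ([]byte, error) {
	nonce := make([]byte, g.NonceSize())
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	plain := binary.BigEndian.AppendUint64(nil, uint64(now.Unix()))
	return g.Seal(nonce, nonce, append(plain, pseudo...), []byte(home+"\x00"+dest)), nil
}

// VerifySignal (site B) returns the pseudo only if the signal is authentic, meant for B and fresh.
func VerifySignal(g cipher.AEAD, sig []byte, home, self string, now time.Time, maxAge time.Duration) (string, error) {
	if len(sig) < g.NonceSize() {
		return "", fmt.Errorf("malformed signal")
	}
	plain, err := g.Open(nil, sig[:g.NonceSize()], sig[g.NonceSize():], []byte(home+"\x00"+self))
	if err != nil || len(plain) < 8 {
		return "", fmt.Errorf("rejected: wrong key, wrong site pair or tampered")
	}
	if age := now.Sub(time.Unix(int64(binary.BigEndian.Uint64(plain)), 0)); age < 0 || age > maxAge {
		return "", fmt.Errorf("rejected: outside freshness window")
	}
	return string(plain[8:]), nil
}

func main() {
	g, _ := PairCipher(make([]byte, 32)) // constructed all-zero demo key
	sig, _ := IssueSignal(g, "a.example", "b.example", "alice", time.Now())
	fmt.Println(VerifySignal(g, sig, "a.example", "b.example", time.Now(), time.Minute))
}
```

Because the signal is authenticated as well as encrypted, a bookmark copied to a third site, attributed to a different home site, altered in transit, or presented after the freshness window fails verification instead of yielding a pseudo.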
This system is part of the Trust-forum project, a system of web forums to replace email and solve the spam problem, to be released on SourceForge under the LGPL: see the Trust-forum project home page.