SCURL Authentication A decentralized approach to entity authentication.

摘要

Self-certifying URL's can be used to authenticate parties in a peer-to-peer environment and CREST is a feasible framework for existing user authentication protocols. Existing entity authentication protocols do not provide decentralized, explicit authentication for both parties. The SCURL authentication protocol uses Self-certifying URL's to authenticate parties and was developed through examination of the TLS/SSL protocol and the Self-certifying File System. The SCURL authentication protocol is implemented in the Scheme programming language and is a feasible authentication protocol for the CREST framework. Additionally, the CREST developer must be able to utilize existing user authentication protocols. OpenID and Shibboleth are dissected to understand the current state of user authentication and the existing C++ OpenID library libopkele was used to develop a Racket OpenID module. The Racket OpenID module proves that it is possible to leverage existing user authentication libraries in the CREST framework.