After announcing the participation in the project NGI Pointer of the European Commission, DAASI International now published a complete concept paper, an important milestone in the development of Internet security technology fit for the future with TLS-KDH.
Safe Data Thanks to Secure Authentication
The DAASI International developers want to create the first use case for the still relatively unknown TLS-KDH mechanism. This specification combines the strenghts of common protocols for authentication flows, namely Kerberos, Diffie-Hellmann, and TLS, in order to provide secure encryption even in view to quantum computing. The project, which is sponsored by NGI Pointer, Trust and Authentication for Next Generation Internet (TA4NGI) by DAASI International is supposed to setup the framework to be able to include TLS-KDH in single sign-on processes using the auhtorisation proxy SATOSA. The in-depth concept describes the utilised technologies and shows how to realise a robust proof-of-concept in the subsequent steps, and the additional possibilities derived from the project findings thus far.
What Is Next For TA4NGI?
The following milestones foresee the actual implementation of the concept in SATOSA to ultimately achieve authentication processes which can withstand future challenges. This would also mark the foundation for a vast number of use cases for TLS-KDH in the authentication and authorisation process. As preparing measure, the appropriate modules for an authentication via TLS client certificates are implemented via Kerberos. This work is already underway.
Turning Theory into Reality
Once the technical prerequisites for the use of TLS-KDH in SATOSA have been created, the team will evaluate how this avant-garde technology can already be used today in business applications such as Corteza. In any case, the application possibilities of SATOSA will be significantly expanded by the results.
The technological progress inspired by NGI and the European Commission already bears fruit. This impression is further confirmed by other successful project outcomes. Hence, NGI, in combination with other European projects such as Gaia-X, could become a crucial cornerstone for a European cloud infrastructre.
About DAASI International
DAASI International is an expert in (federated) identity and access management, using open source technology exclusively. Since it was founded in 2000, the IT service provider from Tübingen, Germany deals with identity management, access control and directory service technologies for universities, public authorities and companies. Additionally, DAASI International is actively involved in the field of digital humanities and participates in national and international research projects, including the digital research infrastructure DARIAH-DE. DAASI International’s range of services covers consulting, support, hosting, and software development, as well as individualised trainings.
The NGI Project
“Next Generation Internet” (NGI) is an initiative of the European Commission for a human-centred Internet that respects basic values such as data protection, participation, security and diversity. It is deemed to be the counter-design to the US, and the Chinese Internet. In several subprojects NGI seeks to accomplish differently focused goals to shape the internet of tomorrow. The overarching goal of NGI is to transfer European values to the Internet realm.
Subscribe to our newsletter
- As NGI Architect DAASI International Presents Concept for Novel Internet Security Techonolgy
- Customised IT Security with Modularity and Open Source
- Peter Gietz as Guest on Podcast for Digital Humanities
- Shibboleth Security Advisory – SP: Denial of Service Due to DataSealer
- Safe Contactless Communication with Open Source: Meet “Jitsi Meet”