A Stateless Network Architecture for Inter-Enterprise Authentication, Authorization and Accounting

Providing network infrastructure for authenti- cation, authorization and accounting (AAA) functionalities required by inter-enterprise business applications operat- ing over the global Internet is a challenging problem. The infrastructure needs to support large numbers of clients and services, and also to provide secure resources sharing between applications and across organizations. This paper describes a scalable and secure network infrastructure architecture for inter-enterprise AAA ser- vices, called .TRUST. The architecture has two novel fea- tures: (1) it uses a stateless design for improved security and simplified system structures, and (2) it supports a resource-sharing infrastructure while allowing decentral- ized management. To illustrate the use of the .TRUST architecture, the paper considers three application exam- ples for which laboratory prototypes have been imple- mented.