Web Single Sign-On Systems
نویسنده
چکیده
Currently, many web applications require users to register for a new account. With the proliferation of web applications, it has become impractical to expect users to remember different usernames and passwords for each application. Web Single Sign-On (Web SSO) protocols allow users to use a s ingle username and password to access different applications. This paper examines three Web SSO protocols: SAML Web Browser SSO Profile, WS-Federation Passive Requestor Profile, an d OpenID.
منابع مشابه
PASS: A privacy-friendly, secure and open Single Sign-On Protocol for Web Services
Personalization is an important feature of websites. Typically this requires the user to register a new password-protected account for every service. It is expected that websites will implement service cooperations to further enhance the personalisation of their user’s web experience. A common authentication mechanism is required for this. Single sign-on systems have the purpose to establish su...
متن کاملThe Devil Is Phishing: Rethinking Web Single Sign-On Systems Security
One significant trend in online user authentication is using Web Single Sign-On (SSO) systems. Especially, open Web SSO standards such as OpenID and OAuth are rapidly gaining adoption on the Web, and they enable over one billion user accounts. However, the largescale threat from phishing attacks to real-worldWeb SSO systems has been significantly underestimated and insufficiently analyzed. In t...
متن کاملManageSecureTM – An Integrated Enterprise Web Security System
Securing web-based systems involves a whole host of security components and practices, such as managing user digital identities, user authorizations, creating a web portal, implementing single sign-on, managing and monitoring servers and other resources critical to the enterprise web. This paper describes some of the real world challenges encountered in implementing enterprise web security, and...
متن کاملOpen Source in Web-Based Applications: A Case Study on Single Sign-On
AbstRAct Business and recreational activities on the global communication infrastructure are increasingly based on the use of remote resources and services, and on the interaction between different, remotely located parties. In such a context, Single Sign-On technologies simplify the log-on process allowing automatic access to secondary domains through a unique log-on operation to the primary d...
متن کاملLogout in Single Sign-on Systems
Single sign-on (SSO) helps users to cope with many online services that require authentication. Systems such as OpenID and SAML-based Shibboleth offer federated identity management where an Identity Provider authenticates the user on behalf of the services. Much research concentrates on making authentication stronger, preventing phishing and making the systems more user friendly but less attent...
متن کامل