Single Sign-on for Multiple Web Application
نویسندگان
چکیده
The generation of user credentials for system access coupled with the resulting rising security threats have led to the development of single sign-on (SSO) access control and multiple authentication technologies. This paper provides an overview of these authentication mechanisms, highlighting the current state in the marketplace and describing the key enabling technologies. The resulting analysis indicates a range of technologies, protocols and configurations that can be employed depending on the type of authentication and level of security required. There are a number of key benefits gained from adopting SSO such as increased corporate security and reduced organisational costs of managing access control. There are also a number of key challenges to be overcome by organisations adopting SSO. We build on proxy signature schemes to introduce the first public key cryptographic approach to single sign-on frameworks, which represents an important milestone towards the construction of provably secure single sign-on schemes.
منابع مشابه
Web Single Sign-On Systems
Currently, many web applications require users to register for a new account. With the proliferation of web applications, it has become impractical to expect users to remember different usernames and passwords for each application. Web Single Sign-On (Web SSO) protocols allow users to use a s ingle username and password to access different applications. This paper examines three Web SSO protoco...
متن کاملFrom Multiple Credentials to Browser-Based Single Sign-On: Are We More Secure?
Browser-based Single Sign-On (SSO) is replacing conventional solutions based on multiple, domain-specific credentials by offering an improved user experience: clients log on to their company system once and are then able to access all services offered by the company’s partners. By focusing on the emerging SAML standard, in this paper we show that the prototypical browser-based SSO use case suff...
متن کاملImplementation of Indirect Single Sign-On Approach to Integrate Web-Based Applications
Managing user credential is a critical point in organization that has application island environment such as Diponegoro University. By so doing, application users will be helped to keep only one login information for entering those applications. Not changing login function in each application is the boundary that has been set when managing credentials. For this reason, indirectly single-sign-on...
متن کاملAn authentication flaw in browser-based Single Sign-On protocols: Impact and remediations
Browser-based Single Sign-On (SSO) protocols relieve the user from the burden of dealing with multiple credentials thereby improving the user experience and the security. In this paper we show that extreme care is required for specifying and implementing the prototypical browser-based SSO use case. We show that the main emerging SSO protocols, namely SAML SSO and OpenID, suffer from an authenti...
متن کاملCAS++: An Open Source Single Sign-On Solution for Secure e-Services
Business and recreational activities on the global communication infrastructure are increasingly based on the use of remote resources and services, and on the interaction between different, remotely located parties. On corporate networks as well as on the open Web, the huge number of resources and services often requires to multiple log-ons leading to credential proliferation and, potentially, ...
متن کامل