
Improving the Security and Performance of a Ticket-based Single Sign-on Authentication Systems

Salari Panah, Davood | 2014

  1. Type of Document: M.Sc. Thesis
  2. Language: Farsi
  3. Document No: 46060 (19)
  4. University: Sharif University of Technology
  5. Department: Computer Engineering
  6. Advisor(s): Jalili, Rasool
  7. Abstract: Nowadays, user accounts on websites such as Google, Facebook, and Yahoo serve as users' keys for logging in to other websites on the Internet. Thus, there is no need to authenticate separately on each website, and a user can access his/her other accounts just by logging in to Google or Facebook. In the background, single sign-on protocols such as OpenID and OAuth are used. Since single sign-on accounts are very critical and sensitive, they are constantly under attack by cyber intruders. One of the most important threats is phishing, in which one of the seemingly trustworthy components could be the attacker. This thesis demonstrates that OpenID providers may not be trustworthy, as they are able to gain unauthorized access to all the accounts on Web servers. They can also track all of the users' activities on those accounts. In addition, the thesis shows that existing architectures for single sign-on cannot precisely meet Internet users' needs. Therefore, we propose a novel architecture based on changing the encryption key to prevent single sign-on providers from accessing users' information. In this architecture, new concepts of server and key of encryption key changer are defined. A protocol compatible with the architecture is designed that is able to prevent common attacks. Likewise, it prevents the OpenID provider from gaining unauthorized access to users' accounts. The protocol's security is investigated and verified using the AVISPA protocol verifier tool. More sensitive cases, and cases not supported by AVISPA, have been investigated separately.
  8. Keywords: Authentication; Open Identification (ID); Secure Open Identification (ID); Single Sign-on
