Security and privacy of Single-Sign-On (SSO) in mobile environment: Students' experiences and perceptions

Single Sign-on: Trust Issues

With the proliferation of networks and web applications today, network users usually maintain a set of user names and passwords to log in/authenticate into each of these networks. The increase in the number of networks and web applications has led users to have multiple usernames and passwords (credentials) to the point that most cannot remember them all. Thus, in a bid to enhance end user convenience in accessing network resources, single sign-on (SSO) solutions have been developed. SSO has been defined as a mechanism by which a single user authentication can permit a user to access all networks, computers and systems to which that user has access without the need to enter multiple usernames and passwords for each.

A Taxonomy of Single Sign-On Systems

Lecture Notes in Computer Science, 2003

At present, network users have to manage one set of authentication credentials (usually a username/password pair) for every service with which they are registered. Single Sign-On (SSO) has been proposed as a solution to the usability, security and management implications of this situation. Under SSO, users authenticate themselves only once and are logged into the services they subsequently use without further manual interaction. Several architectures for SSO have been developed, each with different properties and underlying infrastructures. This paper presents a taxonomy of these approaches and puts some of the SSO schemes, services and products into that context. This enables decisions about the design and selection of future approaches to SSO to be made within a more structured context; it also reveals some important differences in the security properties that can be provided by various approaches.

Single Sign On (SSO) Application For Websites

2013

We use many websites like Facebook, Gmail, bank websites and others on a day to day basis. Every time we have to individually enter the username and password for every website, which may be troublesome. It causes password fatigue. Web browsers like Google Chrome allow saving the username and password, but the password is visible in the clear in the Google Chrome settings to an outsider, that is, another user of the same computer. Managing passwords of social sites, banks etc. becomes risky and people end up saving them in a notepad file or in some way such that there is always a possibility of someone acquiring those passwords. This manual password management is obviously insecure. There are applications which act as password managers, which store the passwords in a centralised repository in a cryptographic form. Centralised and secure password management is the need of the day. We propose the idea of a “SINGLE SIGN ON APPLICATION” that has a master password. The user nee...

Implementation of Single Sign on (SSO) for College websites

2020

1,2,3 Student, Dept. of Information Technology, A P shah Institute of Technology, Thane (Maharashtra)-400615; 4,5 Professor, Dept. of Information Technology, A P shah Institute of Technology, Thane (Maharashtra)-400615

Abstract: Consider a university education website that needs to provide different courses and tutorials to its students. But to include numerous resources and tutorials onto one education portal is often tedious and space constrained. Having multiple systems typically requires multiple sign-on dialogues to access the resources. Users need to register on multiple portals to access the contents and courses and it involves the headache of remembering multiple sets of credentials. Users even have to present credentials multiple times when they log in to those portals/websites. With these scenarios, the more the portals, the more sign-ins are required. I...

Once IS Enough: Single Sign-On

2007

For eons, passwords have been the gatekeepers to information and data that is located behind a 'locked door' or stored in a secret location. It is no different today, as passwords are a key to secrets; however, what is different today is the number of passwords that one needs to construct, recall and keep safe. This multiplicity has created a memory overload for the user, less secure passwords, and often, a strain on computer help-desk staff. Password technologies that reduce the need for multiple passwords are evolving; their developers claim that the technologies lessen the security risk to a system due to a reduction in the number of passwords required to get through the day-to-day work of a 21st century citizen. Smart cards, biometric devices, and Single Sign-On (SSO) systems are the most promoted alternatives. Specifically, Single Sign-On password systems are of interest to the study presented here. Single Sign-On allows end users to access multiple services and systems with a single username and password, therefore reducing the cognitive load on the end user and thus, supposedly, reducing end user frustration, which in turn reduces password-related security risks. This paper presents the results of a study conducted within two businesses that explored the influence SSO password systems have on system security.

Can Single Sign-on Improve Password Management? A Focus Group Study

Advances in Intelligent Systems and Computing, 2015

This paper presents a research concerning password management and single-sign-on for accessing Internet applications. Many Internet applications require users to subscribe to their services and authenticate themselves through the use of login credentials. The number of such applications is increasing exponentially which caused ineffective login credentials management among users. This study was conducted with two objectives (i) to identify how users manage their usernames and passwords, and (ii) to examine whether users see the benefits of single-sign-on. To achieve these objectives, a focus group interview was conducted on students from a local university. The results of the study suggested that the students did not practice proper password management. Further, it suggested that single-sign-on may not be the immediate solution to improve the students' password management.

SSO - Single-Sign-On Profile: Authentication Mechanisms Version 2.0

Approved client-server authentication mechanisms are described for the IVOA single-sign-on profile: No Authentication; HTTP Basic Authentication; TLS with passwords; TLS with client certificates; Cookies; Open Authentication; Security Assertion Markup Language; OpenID. Normative rules are given for the implementation of these mechanisms, mainly by reference to pre-existing standards. The Authorization mechanisms are out of the scope of this document.

Impostor: a single sign-on system for use from untrusted devices

IEEE Global Telecommunications Conference, 2004. GLOBECOM '04., 2004

At present, network users have to manage a set of authentication credentials (usually a username/password pair) for every service with which they are registered. Single Sign-On (SSO) has been proposed as a solution to the usability, security and management implications of this situation. Under SSO, users need to manage only one set of authentication credentials in order to log into the services they subsequently use. This paper presents the design of an SSO system that is based on a trusted proxy, and that is suitable for use from an untrusted network access device. Unlike existing proxy-based SSO schemes, which require an infrastructure to be in place between the proxy and the service providers, the one presented here does not. An open-source implementation of the scheme, called 'Impostor', is also described. The prototype is implemented as an HTTP proxy, resulting in a system that works with common web browsers.

Design and Implementation of Enhanced Single Sign on System for Education

Consider a college education portal that needs to provide access to different domain courses and tutorials to its students. But to incorporate numerous resources and tutorials onto one education portal can be tedious and space constrained. Multiple systems typically require multiple sign-on dialogues to access the resources. Users need to register on multiple portals to access the contents and courses and it involves the headache of remembering multiple sets of credentials. Users also have to present credentials multiple times when they log in to these portals/websites. With these scenarios, when there are more security domains, more sign-ins are required. It is also required to restrict access to unauthorized users when log-ins are authenticated. If there is redundancy of resources across multiple websites, users may show lack of interest due to the redundancy and authorization headache. A single sign-on system is the proposed method to provide access to the educational learning resources/contents. In this approach, a one-time login is required and the logged-in user can access the relevant authorized service provider's resources without the need to log in to their UI facing. This approach provides a secure way to authenticate users by the unique hash password validation and time stamp validation. If both validations are performed, the requesting user will be provided access to other website resources as well, where the user's authorization is done with the valid token and access key. Hence, the other websites can share common resources across multiple domains without the technology barrier.