Single sign-on (SSO) is a mechanism that uses a single action of validation to permit an authorized user to access all linked but independent software systems or applications without being prompted to log in again at each of them during a particular session. Some user identification schemes have been proposed for distributed computer networks. Most existing schemes cannot preserve user anonymity when conceivable attacks occur, and those schemes are unreliable. A few practical and secure single sign-on models have been proposed, based on various cryptographic techniques and methods. Specifically, we present two impersonation attacks: in the first, an outsider without any credential may be able to enjoy network services; the second attack allows a malicious service provider. The objective is to make observations about how the security of this SSO scheme can be improved.
C. Jayaseelan, S. Murali, S. Viswanath, R. Venkatesh
Single Sign On, Validation, User Anonymity, Credential, Malicious Service Provider
Published in: Volume 3, Issue 2, March-April 2017
Cite This Article
C. Jayaseelan, S. Murali, S. Viswanath, R. Venkatesh, "Real-Time Detection from Various Social Network Using SSO", International Journal of Scientific Research in Science, Engineering and Technology (IJSRSET), Print ISSN: 2395-1990, Online ISSN: 2394-4099, Volume 3, Issue 2, pp. 95-99, March-April 2017.
URL : http://ijsrset.com/IJSRSET173249.php