Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs

Lokesh Ramamoorthi; Dilip Sarkar

doi:10.1007/978-981-13-9155-2_2

Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs

Lokesh Ramamoorthi, Dilip Sarkar

Computer Science

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Abstract

Organizations provide multiple web-based services to its users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.

Original language	English (US)
Title of host publication	Developments and Advances in Defense and Security - Proceedings of MICRADS 2019
Editors	Robson Pacheco Pereira, Álvaro Rocha
Publisher	Springer Science and Business Media Deutschland GmbH
Pages	15-28
Number of pages	14
ISBN (Print)	9789811391545
DOIs	https://doi.org/10.1007/978-981-13-9155-2_2
State	Published - Jan 1 2020
Event	Multidisciplinary International Conference of Research Applied to Defense and Security, MICRADS 2019 - Rio de Janeiro, Brazil Duration: May 8 2019 → May 10 2019

Publication series

Name	Smart Innovation, Systems and Technologies
Volume	152
ISSN (Print)	2190-3018
ISSN (Electronic)	2190-3026

Conference

Conference	Multidisciplinary International Conference of Research Applied to Defense and Security, MICRADS 2019
Country	Brazil
City	Rio de Janeiro
Period	5/8/19 → 5/10/19

Fingerprint

Web browsers

Security of data

Access control

Websites

World Wide Web

Keywords

Access control
Authentication
Authorization
Browser security
Federated identity management
Identity provider
Information security
Service provider

ASJC Scopus subject areas

Decision Sciences(all)
Computer Science(all)

Cite this

Ramamoorthi, L., & Sarkar, D. (2020). Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs. In R. P. Pereira, & Á. Rocha (Eds.), Developments and Advances in Defense and Security - Proceedings of MICRADS 2019 (pp. 15-28). (Smart Innovation, Systems and Technologies; Vol. 152). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-13-9155-2_2

Single Sign-on Implementation : Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs. / Ramamoorthi, Lokesh; Sarkar, Dilip.

Developments and Advances in Defense and Security - Proceedings of MICRADS 2019. ed. / Robson Pacheco Pereira; Álvaro Rocha. Springer Science and Business Media Deutschland GmbH, 2020. p. 15-28 (Smart Innovation, Systems and Technologies; Vol. 152).

Research output: Chapter in Book/Report/Conference proceeding › Conference contribution

Ramamoorthi, L & Sarkar, D 2020, Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs. in RP Pereira & Á Rocha (eds), Developments and Advances in Defense and Security - Proceedings of MICRADS 2019. Smart Innovation, Systems and Technologies, vol. 152, Springer Science and Business Media Deutschland GmbH, pp. 15-28, Multidisciplinary International Conference of Research Applied to Defense and Security, MICRADS 2019, Rio de Janeiro, Brazil, 5/8/19. https://doi.org/10.1007/978-981-13-9155-2_2

Ramamoorthi L, Sarkar D. Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs. In Pereira RP, Rocha Á, editors, Developments and Advances in Defense and Security - Proceedings of MICRADS 2019. Springer Science and Business Media Deutschland GmbH. 2020. p. 15-28. (Smart Innovation, Systems and Technologies). https://doi.org/10.1007/978-981-13-9155-2_2

Ramamoorthi, Lokesh ; Sarkar, Dilip. / Single Sign-on Implementation : Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs. Developments and Advances in Defense and Security - Proceedings of MICRADS 2019. editor / Robson Pacheco Pereira ; Álvaro Rocha. Springer Science and Business Media Deutschland GmbH, 2020. pp. 15-28 (Smart Innovation, Systems and Technologies).

@inproceedings{5dbe933783ee41a0bb2fc6e813df2a12,

title = "Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs",

abstract = "Organizations provide multiple web-based services to its users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.",

keywords = "Access control, Authentication, Authorization, Browser security, Federated identity management, Identity provider, Information security, Service provider",

author = "Lokesh Ramamoorthi and Dilip Sarkar",

year = "2020",

month = "1",

day = "1",

doi = "10.1007/978-981-13-9155-2_2",

language = "English (US)",

isbn = "9789811391545",

series = "Smart Innovation, Systems and Technologies",

publisher = "Springer Science and Business Media Deutschland GmbH",

pages = "15--28",

editor = "Pereira, {Robson Pacheco} and {\'A}lvaro Rocha",

booktitle = "Developments and Advances in Defense and Security - Proceedings of MICRADS 2019",

}

TY - GEN

T1 - Single Sign-on Implementation

T2 - Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs

AU - Ramamoorthi, Lokesh

AU - Sarkar, Dilip

PY - 2020/1/1

Y1 - 2020/1/1

N2 - Organizations provide multiple web-based services to its users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.

AB - Organizations provide multiple web-based services to its users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.

KW - Access control

KW - Authentication

KW - Authorization

KW - Browser security

KW - Federated identity management

KW - Identity provider

KW - Information security

KW - Service provider

UR - http://www.scopus.com/inward/record.url?scp=85068381345&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068381345&partnerID=8YFLogxK

U2 - 10.1007/978-981-13-9155-2_2

DO - 10.1007/978-981-13-9155-2_2

M3 - Conference contribution

AN - SCOPUS:85068381345

SN - 9789811391545

T3 - Smart Innovation, Systems and Technologies

SP - 15

EP - 28

BT - Developments and Advances in Defense and Security - Proceedings of MICRADS 2019

A2 - Pereira, Robson Pacheco

A2 - Rocha, Álvaro

PB - Springer Science and Business Media Deutschland GmbH

ER -

Access to Document

10.1007/978-981-13-9155-2_2