Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs

Lokesh Ramamoorthi, Dilip Sarkar

Research output: Chapter in Book/Report/Conference proceeding > Conference contribution

Abstract

Organizations provide multiple web-based services to their users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by the organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by the organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.

Original language: English (US)
Title of host publication: Developments and Advances in Defense and Security - Proceedings of MICRADS 2019
Editors: Robson Pacheco Pereira, Álvaro Rocha
Publisher: Springer Science and Business Media Deutschland GmbH
Pages: 15-28
Number of pages: 14
ISBN (Print): 9789811391545
DOIs: https://doi.org/10.1007/978-981-13-9155-2_2
State: Published - Jan 1 2020
Event: Multidisciplinary International Conference of Research Applied to Defense and Security, MICRADS 2019 - Rio de Janeiro, Brazil
Duration: May 8 2019 to May 10 2019

Publication series

Name: Smart Innovation, Systems and Technologies
Volume: 152
ISSN (Print): 2190-3018
ISSN (Electronic): 2190-3026

Conference

Conference: Multidisciplinary International Conference of Research Applied to Defense and Security, MICRADS 2019
Country: Brazil
City: Rio de Janeiro
Period: 5/8/19 to 5/10/19

Fingerprint

Web browsers
Security of data
Access control
Websites
World Wide Web

Keywords

  • Access control
  • Authentication
  • Authorization
  • Browser security
  • Federated identity management
  • Identity provider
  • Information security
  • Service provider

ASJC Scopus subject areas

  • Decision Sciences(all)
  • Computer Science(all)

Cite this

Ramamoorthi, L., & Sarkar, D. (2020). Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs. In R. P. Pereira, & Á. Rocha (Eds.), Developments and Advances in Defense and Security - Proceedings of MICRADS 2019 (pp. 15-28). (Smart Innovation, Systems and Technologies; Vol. 152). Springer Science and Business Media Deutschland GmbH. https://doi.org/10.1007/978-981-13-9155-2_2

@inproceedings{5dbe933783ee41a0bb2fc6e813df2a12,
title = "Single Sign-on Implementation: Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs",
abstract = "Organizations provide multiple web-based services to its users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.",
keywords = "Access control, Authentication, Authorization, Browser security, Federated identity management, Identity provider, Information security, Service provider",
author = "Lokesh Ramamoorthi and Dilip Sarkar",
year = "2020",
month = "1",
day = "1",
doi = "10.1007/978-981-13-9155-2_2",
language = "English (US)",
isbn = "9789811391545",
series = "Smart Innovation, Systems and Technologies",
publisher = "Springer Science and Business Media Deutschland GmbH",
pages = "15--28",
editor = "Pereira, {Robson Pacheco} and {\'A}lvaro Rocha",
booktitle = "Developments and Advances in Defense and Security - Proceedings of MICRADS 2019",

}

TY - GEN

T1 - Single Sign-on Implementation

T2 - Leveraging Browser Storage for Handling Tabbed Browsing Sign-outs

AU - Ramamoorthi, Lokesh

AU - Sarkar, Dilip

PY - 2020/1/1

Y1 - 2020/1/1

AB - Organizations provide multiple web-based services to its users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.

KW - Access control

KW - Authentication

KW - Authorization

KW - Browser security

KW - Federated identity management

KW - Identity provider

KW - Information security

KW - Service provider

UR - http://www.scopus.com/inward/record.url?scp=85068381345&partnerID=8YFLogxK

UR - http://www.scopus.com/inward/citedby.url?scp=85068381345&partnerID=8YFLogxK

U2 - 10.1007/978-981-13-9155-2_2

DO - 10.1007/978-981-13-9155-2_2

M3 - Conference contribution

AN - SCOPUS:85068381345

SN - 9789811391545

T3 - Smart Innovation, Systems and Technologies

SP - 15

EP - 28

BT - Developments and Advances in Defense and Security - Proceedings of MICRADS 2019

A2 - Pereira, Robson Pacheco

A2 - Rocha, Álvaro

PB - Springer Science and Business Media Deutschland GmbH

ER -