TY - GEN
T1 - Single Sign-on Implementation
T2 - Multidisciplinary International Conference of Research Applied to Defense and Security, MICRADS 2019
AU - Ramamoorthi, Lokesh
AU - Sarkar, Dilip
PY - 2020/1/1
Y1 - 2020/1/1
AB - Organizations provide multiple web-based services to their users. To manage easy provisioning and deprovisioning of users, they offer single sign-on (SSO) service as an access control mechanism. To access any SSO service, users need to remember only one set of credentials. These credentials are managed by the organization’s identity and access management system (IAM). The identity provider (IDP) is the federated identity management platform to authenticate users, for service providers (SPs), to access and use the services. Users may access the services provided by the organization via web browsers. Modern web browsers provide a feature called tabbed browsing, where tabs are widgets within the browser window, so that the users can stay organized when browsing multiple Web sites. In this paper, we analyzed how SSO works in a tabbed browsing environment. Our analysis shows that, in some scenarios, a user may not sign out from some services that he or she was using. This situation may lead to information security attacks. Also, we propose a solution that can be implemented on the browser to ensure a safe sign-out process.
KW - Access control
KW - Authentication
KW - Authorization
KW - Browser security
KW - Federated identity management
KW - Identity provider
KW - Information security
KW - Service provider
UR - http://www.scopus.com/inward/record.url?scp=85068381345&partnerID=8YFLogxK
UR - http://www.scopus.com/inward/citedby.url?scp=85068381345&partnerID=8YFLogxK
U2 - 10.1007/978-981-13-9155-2_2
DO - 10.1007/978-981-13-9155-2_2
M3 - Conference contribution
AN - SCOPUS:85068381345
SN - 9789811391545
T3 - Smart Innovation, Systems and Technologies
SP - 15
EP - 28
BT - Developments and Advances in Defense and Security - Proceedings of MICRADS 2019
A2 - Pereira, Robson Pacheco
A2 - Rocha, Álvaro
PB - Springer Science and Business Media Deutschland GmbH
Y2 - 8 May 2019 through 10 May 2019
ER -