Improving the Security of SSO in Distributed Computer Network using Digital Certificate and one Time Password (OTP)
|
10.5120/15489-4227 |
Vishal Patel and Riddhi Patel. Article: Improving the Security of SSO in Distributed Computer Network using Digital Certificate and one Time Password (OTP). International Journal of Computer Applications 89(4):10-14, March 2014. Full text available. BibTeX
@article{key:article,
author = {Vishal Patel and Riddhi Patel},
title = {Article: Improving the Security of SSO in Distributed Computer Network using Digital Certificate and one Time Password (OTP)},
journal = {International Journal of Computer Applications},
year = {2014},
volume = {89},
number = {4},
pages = {10-14},
month = {March},
note = {Full text available}
}
Abstract
A Single Sign–on is a new authentication mechanism for user to use multiple services provided by service provider in distributed computer network. It is a one type of application in that allows users to log in once and access to multiple independent applications without being asked to log in again at every application. It enables a legal user with a single credential to be authenticated by multiple service providers in distributed computer networks. This scheme has security flaws. Service provider is fail to credential privacy and authentication. There is two types of impersonation attacks. First attack is credential recovery attack and impersonation. In this attack the attacker act as harm full service provider, who has successfully communicated with a legal user twice to get the identity of a legal user. In another attack the attacker use the services impersonating any legal user or a nonexistent user without credentials. In this we analyze those security flaws & propose solution for those flaws. We have to recover these two types of attacks.
References
- "Security Analysis of A Single Sign-On Mechanism for Distributed Computer Networks", Guilin Wang,Jiangshan Yu, and Qi Xie IEEE TRANSACTIONS ON NETWORKING FEB 2013.
- "A secure single sign-on mechanism for distributed computer networks," C. -C. Chang and C. -Y. Lee, IEEE Trans. On Industrial Electronics ,vol. 59, no. 1, Jan 2012.
- "Research on the solution of PKI interoperability based on validation authority" yongli Ma;Beijing GFA E-commerce Security CA CO;ltd Beijing , china June 2011
- "A generic construction of dynamic single sign-on with strong security" J. Han, Y. Mu, W. Susilo, and J. Yan, SECURECOMM – 2010.
- "A novel user identification scheme with key distribution preserving user anonymity for distributed computer networks," C. -L. Hsu and Y. -H. Chuang, Inf. Sci. , 179(4): 422-429, 2009
- "Distributing Internet services to the network's edge", A. C. Weaver and M. W. Condtry, IEEE Trans. Ind. Electron. , 50(3): 404-411, Jun. 2003
- "Password authentication within secure communication", L. Lamport, Commun. ACM, 24(11): 770-772, Nov. 1981.
- "A secure identification and key agreement protocol with user anonymity (sika)"K. V. Mangipudi and R. S. Katti, Computers and Security, 25(6): 420-425, 2006.
- X. Li, W. Qiu, D. Zheng, K. Chen, and J. Li, "Anonymity enhancement
- "New efficient user identification and key distribution scheme providing enhanced security" ,Y. Yang, S. Wang, F. Bao, J. Wang, and R. H. Deng, "Computers and Security, 23(8): 697-704, 2004.
- A generic construction of dynamic single sign-on with strong security",J. Han, Y. Mu, W. Susilo, and J. Yan, secure pro communication spinger 2010
- "A logic of authentication," M. Burrows, M. Abadi, and R. Needham, ACM Trans. Comput. Syst. , 8(1): 18-36, 1990.
- PKCS, "Public key cryptography standards, PKCS #1 v2. 1," RSA Cryptography Standard, Draft 2, 2001. Available at http://www. rsasecurity. com/rsalabs/pkcs/
- Wikipedia,RSA(algorithm)http://en. wikipedia. org/wiki/RSA_(algorithm http://nile. wpi. edu/NS2
- W. Stallings, Cryptography and Network Security, 4th ed. Upper Saddle River, NJ: Pearson, Nov. 2005, pp. 334–340.
- Prof M. T. Savaliya Advance java technology dream tech publication.
- single sign-on solution for mysea servicesby Sonia Bui September 2005