Polybius: Secure Web Single-Sign-On for Legacy Applications

نویسندگان

  • Pascal Gienger
  • Marcel Waldvogel
چکیده

Web-based interfaces to applications in all domains of university life are surging. Given the diverse demands in and the histories of universities, combined with the rapid IT industry developments, all attempts at a sole all-encompassing platform for single-sign-on (SSO) will remain futile. In this paper, we present an architecture for a meta-SSO, which is able to seamlessly integrate with a wide variety of existing local sign-in and SSO mechanisms. It is therefore an excellent candidate for a university-wide all-purpose SSO system. Among the highlights are: No passwords are ever stored on disk, neither in the browser nor in the gateway; its basics have been implemented in a simple, yet versatile Apache module; and it can help reducing the impact of security problems anywhere in the system. It could even form the basis for secure inter-university collaborations and mutual outsourcing.

برای دانلود رایگان متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Web Single Sign-On Authentication using SAML

Companies have increasingly turned to application service providers (ASPs) or Software as a Service (SaaS) vendors to offer specialized web-based services that will cut costs and provide specific and focused applications to users. The complexity of designing, installing, configuring, deploying, and supporting the system with internal resources can be eliminated with this type of methodology, pr...

متن کامل

Single Sign-on Mechanism for Secure Web Service Access through ISSO

Single sign-on (SSO) is an emerging and more secure authentication mechanism that enables an authorized user with a single username/password to be authenticated by many service providers in a distributed network system. The existing technique used SSO scheme and it has achieved security by applying wellorganized security parameters and its improved scheme introduced Verifiable Encryption of Sig...

متن کامل

PASS: A privacy-friendly, secure and open Single Sign-On Protocol for Web Services

Personalization is an important feature of websites. Typically this requires the user to register a new password-protected account for every service. It is expected that websites will implement service cooperations to further enhance the personalisation of their user’s web experience. A common authentication mechanism is required for this. Single sign-on systems have the purpose to establish su...

متن کامل

The Security of Web Services: Secure Communication and Identity Management

Service Oriented Architectures have become the new trend in the world of communication on the web. Especially web services are the high-performance specification of service-oriented architectures. The use of confidential data on the Web becomes the primary problem in the secure communication over the web. The solution proposed in this paper is a secure communication tool OCS based on the princi...

متن کامل

Development of Modified Polybius Technique for Data Security

In present scenario sharing of information is increasing significantly. The information is being transmitted to different user and undergoes various passive and active attacks; therefore, the information security plays a challenging role in communication. Cryptography plays a vital role in secure wireless communication and provides an excellent solution to offer the necessary protection against...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

عنوان ژورنال:

دوره   شماره 

صفحات  -

تاریخ انتشار 2011