The security limitations of SSO in OpenID

被引:0
|
作者
Oh, Hyun-Kyung [1 ,2 ]
Jin, Seung-Hun [2 ]
机构
[1] KUST, Informat Secur Engn, Seoul, South Korea
[2] ETRI, Digital ID Secur Res Team, Daejeon, South Korea
来源
10TH INTERNATIONAL CONFERENCE ON ADVANCED COMMUNICATION TECHNOLOGY, VOLS I-III: INNOVATIONS TOWARD FUTURE NETWORKS AND SERVICES | 2008年
关键词
OpenID; Single Sign-On(SSO); ID management system; cookie-based authentication system;
D O I
暂无
中图分类号
TP31 [计算机软件];
学科分类号
081202 ; 0835 ;
摘要
As the Internet becomes a way of social life, there arc lots of accounts which a user has to manage. To receive the web service, people have to register each web site. It is the OpenID to resolve these burdensome. The OpenID provides the Single Sign-On service which a user can be authenticated in several web sites by submitting the password of OpenID to authentication server only once. In this paper, we analyze the Single Sign-On in OpenID and show an experiment of vulnerability of OpenID.
引用
收藏
页码:1608 / +
页数:2
相关论文
共 50 条
  • [41] Confronting the Limitations of Hardware-Assisted Security
    Mannan, Mohammad
    Asokan, N.
    IEEE SECURITY & PRIVACY, 2020, 18 (05) : 6 - 7
  • [42] Physical limitations and challenges to Grain Security in China
    Li, Jianmin
    Li, Zhaohu
    FOOD SECURITY, 2014, 6 (02) : 159 - 167
  • [43] Physical limitations and challenges to Grain Security in China
    Jianmin Li
    Zhaohu Li
    Food Security, 2014, 6 : 159 - 167
  • [44] Security limitations of Shamir's secret sharing
    Lemnouar, Noui
    JOURNAL OF DISCRETE MATHEMATICAL SCIENCES & CRYPTOGRAPHY, 2023, 26 (04): : 977 - 989
  • [45] Limitations when Improving Security Camera Video
    Gohshil, Seiichi
    2017 6TH INTERNATIONAL CONFERENCE ON INFORMATICS, ELECTRONICS AND VISION & 2017 7TH INTERNATIONAL SYMPOSIUM IN COMPUTATIONAL MEDICAL AND HEALTH TECHNOLOGY (ICIEV-ISCMHT), 2017,
  • [46] LIMITATIONS AND LEGAL IMPLICATIONS OF EMPLOYERS SECURITY PROCEDURES
    MCCULLOCH, K
    EMPLOYEE RELATIONS LAW JOURNAL, 1981, 7 (02) : 260 - 268
  • [47] DLFPM-SSO-PE: privacy-preserving and security of intermediate data in cloud storage
    Sarala, V
    Shanmugapriya, P.
    DISTRIBUTED AND PARALLEL DATABASES, 2022, 40 (04) : 815 - 833
  • [48] ARMS LIMITATIONS TREATIES AND NATIONAL SECURITY - SIGNIFICANCE OF SECURITY AGREEMENTS OF ATOMIC POWERS
    BEATON, L
    EUROPA ARCHIV, 1969, 24 (01): : 5 - 13
  • [49] DESIGN AND IMPLEMENTATION OF PROXY-BASED SSO AND SECURITY AUDIT SYSTEM FOR REMOTE DESKTOP ACCESS
    Tan, Zaobao
    Wu, Xu
    Wen, Qiaoyan
    Zhang, Hua
    PROCEEDINGS OF THE 2010 INTERNATIONAL CONFERENCE ON ADVANCED INTELLIGENCE AND AWARENESS INTERNET, AIAI2010, 2010, : 341 - 344
  • [50] DLFPM-SSO-PE: privacy-preserving and security of intermediate data in cloud storage
    Sarala V.
    P. Shanmugapriya
    Distributed and Parallel Databases, 2022, 40 : 815 - 833
12345