Comparative Analysis and Framework Evaluating Web Single Sign-on Systems

Cited by: 4
Authors
Alaca, Furkan [1]
Van Oorschot, Paul C. [2]
Affiliations
[1] Queens Univ, Sch Comp, 557 Goodwin Hall, Kingston, ON K7L 2N8, Canada
[2] Carleton Univ, Sch Comp Sci, 1125 Colonel Dr, Ottawa, ON K1S 5B6, Canada
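Funding
Natural Sciences and Engineering Research Council of Canada
Keywords
Single sign-on; password managers; federated identity systems; passwords
DOI
10.1145/3409452
Chinese Library Classification number
TP301 [Theory, methods]
Discipline classification code
081202
Abstract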
We perform a comprehensive analysis and comparison of 14 web single sign-on (SSO) systems proposed and/or deployed over the past decade, including federated identity and credential/password management schemes. We identify common design properties and use them to develop a taxonomy for SSO schemes, highlighting the associated tradeoffs in benefits (positive attributes) offered. We develop a framework to evaluate the schemes, in which we identify 14 security, usability, deployability, and privacy benefits. We also discuss how differences in priorities between users, service providers, and identity providers impact the design and deployment of SSO schemes.
Pages: 34