Comparative Analysis and Framework Evaluating Web Single Sign-on Systems

Cited by: 4
Authors
Alaca, Furkan [1]
Van Oorschot, Paul C. [2]
Affiliations
[1] Queens Univ, Sch Comp, 557 Goodwin Hall, Kingston, ON K7L 2N8, Canada
[2] Carleton Univ, Sch Comp Sci, 1125 Colonel Dr, Ottawa, ON K1S 5B6, Canada
Funding
Natural Sciences and Engineering Research Council of Canada;
Keywords
Single sign-on; password managers; federated identity systems; passwords;
DOI
10.1145/3409452
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
We perform a comprehensive analysis and comparison of 14 web single sign-on (SSO) systems proposed and/or deployed over the past decade, including federated identity and credential/password management schemes. We identify common design properties and use them to develop a taxonomy for SSO schemes, highlighting the associated tradeoffs in benefits (positive attributes) offered. We develop a framework to evaluate the schemes, in which we identify 14 security, usability, deployability, and privacy benefits. We also discuss how differences in priorities between users, service providers, and identity providers impact the design and deployment of SSO schemes.
Pages: 34
Related papers
50 in total
  • [21] A Single Sign-On Model for Web Services based on Password Scheme
    Kiran, Lata
    Sood, Sandeep
    Singh, Kuldip
    2009 1ST INTERNATIONAL CONFERENCE ON COMPUTATIONAL INTELLIGENCE, COMMUNICATION SYSTEMS AND NETWORKS(CICSYN 2009), 2009, : 308 - 313
  • [22] On Application of Blockchain to Enhance Single Sign-On (SSO) Systems
    Roy, Swapnoneel
    Matloob, Sam
    Mukhopadhyay, Debajyoti
    2021 IEEE 20TH INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2021), 2021, : 1191 - 1195
  • [23] Single sign-on architectures
    De Clercq, J
    INFRASTRUCTURE SECURITY, PROCEEDINGS, 2002, 2437 : 40 - 58
  • [24] SAML & single sign-on
    Sivan, SS
    DR DOBBS JOURNAL, 2003, 28 (11): : 36 - +
  • [25] Design of single sign-on
    Zhao, G
    Zheng, D
    Chen, KF
    PROCEEDINGS OF THE IEEE INTERNATIONAL CONFERENCE ON E-COMMERCE TECHNOLOGY FOR DYNAMIC E-BUSINESS, 2004, : 253 - 256
  • [26] A Billion Keys, but Few Locks: The Crisis of Web Single Sign-On
    Sun, San-Tsai
    Boshmaf, Yazan
    Hawkey, Kirstie
    Beznosov, Konstantin
    NEW SECURITY PARADIGMS WORKSHOP 2010, 2010, : 61 - 71
  • [27] Towards DoS-resistant single sign-on systems
    Bocan, V
    Fagadar-Cosma, M
    EUROCON 2005: THE INTERNATIONAL CONFERENCE ON COMPUTER AS A TOOL, VOL 1 AND 2 , PROCEEDINGS, 2005, : 668 - 671
  • [28] An XML-based single sign-on scheme supporting OSGi framework
    Jeong, J
    Shin, D
    Shin, D
    ICCE: 2005 INTERNATIONAL CONFERENCE ON CONSUMER ELECTRONICS, DIGEST OF TECHNICAL PAPERS, 2005, : 31 - 32
  • [29] SPRESSO: A Secure, Privacy-Respecting Single Sign-On System for the Web
    Fett, Daniel
    Kuesters, Ralf
    Schmitz, Guido
    CCS'15: PROCEEDINGS OF THE 22ND ACM SIGSAC CONFERENCE ON COMPUTER AND COMMUNICATIONS SECURITY, 2015, : 1358 - 1369
  • [30] Design on a Single Sign-On Scheme
    Lei, Wen
    Liang, Xingjian
    Zhang, Hong
    ADVANCES IN SCIENCE AND ENGINEERING, PTS 1 AND 2, 2011, 40-41 : 531 - 536