Comparative Analysis and Framework Evaluating Web Single Sign-on Systems

Cited by: 4
Authors
Alaca, Furkan [1]
Van Oorschot, Paul C. [2]
Affiliations
[1] Queens Univ, Sch Comp, 557 Goodwin Hall, Kingston, ON K7L 2N8, Canada
[2] Carleton Univ, Sch Comp Sci, 1125 Colonel Dr, Ottawa, ON K1S 5B6, Canada
Funding
Natural Sciences and Engineering Research Council of Canada;
Keywords
Single sign-on; password managers; federated identity systems; passwords;
DOI
10.1145/3409452
Chinese Library Classification number
TP301 [Theory, Methods];
Discipline classification code
081202;
Abstract
We perform a comprehensive analysis and comparison of 14 web single sign-on (SSO) systems proposed and/or deployed over the past decade, including federated identity and credential/password management schemes. We identify common design properties and use them to develop a taxonomy for SSO schemes, highlighting the associated tradeoffs in benefits (positive attributes) offered. We develop a framework to evaluate the schemes, in which we identify 14 security, usability, deployability, and privacy benefits. We also discuss how differences in priorities between users, service providers, and identity providers impact the design and deployment of SSO schemes.
Pages: 34
Related papers
50 in total
  • [31] A Single Sign-On Scheme for Cross Domain Web Applications Based on SOA
    He, Enze
    Wen, Qiaoyan
    INTERNET OF THINGS-BK, 2012, 312 : 581 - 589
  • [32] O Single Sign-Off, Where Art Thou? An Empirical Analysis of Single Sign-On Account Hijacking and Session Management on the Web
    Ghasemisharif, Mohammad
    Ramesh, Amruta
    Checkoway, Stephen
    Kanich, Chris
    Polakis, Jason
    PROCEEDINGS OF THE 27TH USENIX SECURITY SYMPOSIUM, 2018, : 1475 - 1492
  • [33] Authentication Algorithm Based on Hash-Tree for Web Single Sign-On
    Wei, Qiang
    Wu, Zehui
    Tao, Ronghua
    Ren, Dong
    MECHANICAL DESIGN AND POWER ENGINEERING, PTS 1 AND 2, 2014, 490-491 : 1368 - 1373
  • [34] Single sign-on and the system administrator
    Grubb, MF
    Carter, R
    PROCEEDINGS OF THE TWELFTH SYSTEMS ADMINISTRATION CONFERENCE (LISA XII), 1998, : 63 - 86
  • [35] Scalable single sign-on system
    Huang, He
    Shan, Zhiguang
    Huang, Dongquan
    Journal of Southeast University (English Edition), 2007, 23 (03) : 465 - 468
  • [36] A Survey on Single Sign-On Techniques
    Radha, V.
    Reddy, D. Hitha
    2ND INTERNATIONAL CONFERENCE ON COMPUTER, COMMUNICATION, CONTROL AND INFORMATION TECHNOLOGY (C3IT-2012), 2012, 4 : 134 - 139
  • [37] Formal Analysis of A Single Sign-on Protocol Implementation for Android
    Ye, Quanqi
    Bai, Guangdong
    Wang, Kailong
    Dong, Jin Song
    2015 20TH INTERNATIONAL CONFERENCE ON ENGINEERING OF COMPLEX COMPUTER SYSTEMS (ICECCS), 2015, : 90 - 99
  • [38] Single sign-on framework for AAA operations within commercial mobile networks
    Zrelli, Saber
    Shinoda, Yoichi
    First International Conference on Availability, Reliability and Security, Proceedings, 2006, : 74 - 81
  • [39] Grid single sign-on in CCLRC
    Jensen, Jens
    Spence, David
    Viljoen, Matthew
    PROCEEDINGS OF THE UK E-SCIENCE ALL HANDS MEETING 2006, 2006, : 273 - +
  • [40] A centralized cookie-based single sign-on in distributed systems
    Chalandar, Maryarri Eslami
    Darvish, Parviz
    Rahmani, Amir Masoud
    MEDIA CONVERGENCE: MOVING TO THE NEXT GENERATION, 2007, : 163 - 165