To address the scalability and identity federation problems of the traditional single sign-on system, the proposed scheme divides the security systems into different security domains. Each security domain has its own ...To address the scalability and identity federation problems of the traditional single sign-on system, the proposed scheme divides the security systems into different security domains. Each security domain has its own security servers and service providers, and there are trust relationships between different security domains for identity federation. The security server is responsible for authentication and authorization inside the domain, and offers identity federation capability for different domains. The security assertion markup language (SAML) assertion is used as security token in the system for authentication, authorization, and identity federation. The design of the proposed single sign-on process is based on web service security framework and multiple security domains, and the authorization is always deployed in the local area inside the service provider' s security domain, which enables web service clients, both inside and outside their security domains, to access the services in a simple, scalable, standard and secure way.展开更多
Single sign-on (SSO) is an identity management technique that provides the ability to use multiple Web services with one set of credentials. However, when the authentication server is down or unavailable, users cannot...Single sign-on (SSO) is an identity management technique that provides the ability to use multiple Web services with one set of credentials. However, when the authentication server is down or unavailable, users cannot access these Web services, regardless of whether they are operating normally. Therefore, it is important to enable continuous use alongside SSO. In this paper, we present an identity continuance method for SSO. First, we explain four such continuance methods and identify their limitations and problems. Second, we propose a new solution based on an identifier migration approach that meets the requirement for identity continuance. Finally, we discuss these methods from the viewpoint of continuity, security, efficiency, and feasibility.展开更多
The trend in businesses is moving towards a single browser tool on portable devices to access cloud applications which would increase portability but at the same time would introduce security vulnerabilities. This res...The trend in businesses is moving towards a single browser tool on portable devices to access cloud applications which would increase portability but at the same time would introduce security vulnerabilities. This resulted in the need for several layers of password authentications for cloud applications access. Single Sign-On (SSO) is a tool of access control of multiple software systems. This research explores the effects and implications of SSO solutions on cloud applications. We utilize a new framework of different attributes developed by acquiring IT experts’ opinions through extensive interviews to expand significant strategic parameters at the workplace. The framework was further tested using data collected from a sample of 400+ users in the UAE.展开更多
基金The National Natural Science Foundation of China(No60673054)
文摘To address the scalability and identity federation problems of the traditional single sign-on system, the proposed scheme divides the security systems into different security domains. Each security domain has its own security servers and service providers, and there are trust relationships between different security domains for identity federation. The security server is responsible for authentication and authorization inside the domain, and offers identity federation capability for different domains. The security assertion markup language (SAML) assertion is used as security token in the system for authentication, authorization, and identity federation. The design of the proposed single sign-on process is based on web service security framework and multiple security domains, and the authorization is always deployed in the local area inside the service provider' s security domain, which enables web service clients, both inside and outside their security domains, to access the services in a simple, scalable, standard and secure way.
文摘Single sign-on (SSO) is an identity management technique that provides the ability to use multiple Web services with one set of credentials. However, when the authentication server is down or unavailable, users cannot access these Web services, regardless of whether they are operating normally. Therefore, it is important to enable continuous use alongside SSO. In this paper, we present an identity continuance method for SSO. First, we explain four such continuance methods and identify their limitations and problems. Second, we propose a new solution based on an identifier migration approach that meets the requirement for identity continuance. Finally, we discuss these methods from the viewpoint of continuity, security, efficiency, and feasibility.
文摘The trend in businesses is moving towards a single browser tool on portable devices to access cloud applications which would increase portability but at the same time would introduce security vulnerabilities. This resulted in the need for several layers of password authentications for cloud applications access. Single Sign-On (SSO) is a tool of access control of multiple software systems. This research explores the effects and implications of SSO solutions on cloud applications. We utilize a new framework of different attributes developed by acquiring IT experts’ opinions through extensive interviews to expand significant strategic parameters at the workplace. The framework was further tested using data collected from a sample of 400+ users in the UAE.