Title :
OpenID and the Enterprise: A Model-Based Analysis of Single Sign-On Authentication
Author :
Bellamy-McIntyre, Jacob ; Lutteroth, Christof ; Weber, Gerald
Author_Institution :
Dept. of Comput. Sci., Univ. of Auckland, Auckland, New Zealand
Abstract :
Single sign-on (SSO) protocols allow one person to use the same login credentials for several organizations. Enterprises face increasing competitive pressure to position themselves with regard to SSO, yet the ramifications of a move to SSO are not fully understood. In this paper we discuss OpenID, a relatively new SSO protocol that is gaining traction on the web. We apply enterprise application modelling techniques to OpenID in order to obtain well-founded decision aids for enterprises: we show how published modelling approaches can be used to analyse risks in OpenID, and show that these can identify security problems with common OpenID practice. Finally, we propose analysis principles that condense important general insights of authentication modelling.
Keywords :
authorisation; corporate modelling; protocols; OpenID; SSO protocol; enterprise application modelling techniques; model-based analysis; security problems; single sign-on authentication; single sign-on protocols; Analytical models; Authentication; Educational institutions; Protocols; Servers; Unified modeling language; Authentication; Models; OpenID; SSO;
Conference_Title :
Enterprise Distributed Object Computing Conference (EDOC), 2011 15th IEEE International
Conference_Location :
Helsinki
Print_ISBN :
978-1-4577-0362-1
Electronic_ISBN :
1541-7719
DOI :
10.1109/EDOC.2011.26