Title :
An Intrusion Tolerance Approach to Enhance Single Sign on Server Protection
Author :
Pham, David ; Sood, Arun K.
Author_Institution :
Dept. of Comput. Sci., George Mason Univ., Fairfax, VA, USA
Abstract :
Modern IT systems have evolved into complex distributed systems that support thousands of users, with each user requiring access to several applications. Single sign on (SSO) provides a convenient facility for managing user authentication such that a user only logs into a system once in order to gain access to many protected applications. For this reason it becomes vitally important to secure the SSO server. If an SSO server is compromised, it could potentially put many applications at risk at the same time. The current Intrusion Detection and Prevention systems have proven to be inadequate because the “bad guys” are always one step ahead. In this paper we present a new and innovative approach to SSO server security called “Self-Cleansing Intrusion Tolerance SSO” (SCIT). SCIT shifts the focus from detection and prevention to containing losses, by reducing the exposure time of the servers. Specifically, we present the results of an evaluation of the performance of a SCIT-ized SSO server. In this way we increase the dependability of the server and provide a new way to balance the trade-off between security and availability. We will show that SCIT provides increased security with little degradation in overall response time of the system.
Keywords :
message authentication; IT systems; SSO server; distributed systems; intrusion detection; prevention systems; self cleansing intrusion tolerance SSO; server dependability; single sign on server protection; user authentication; Authentication; Browsers; Degradation; Servers; Time factors; Virtual machining; SCIT; central authentication service; exposure time; persistence; pro-active; response time; single sign on; virtualization; vmware
Conference_Title :
Dependability (DEPEND), 2010 Third International Conference on
Conference_Location :
Venice
Print_ISBN :
978-1-4244-7530-8
DOI :
10.1109/DEPEND.2010.23