Title :
A Single Sign-On Model for Web Services Based on Password Scheme
Author :
Kiran, Lata ; Singh, Kuldip ; Sood, Sandeep
Author_Institution :
E & CE Dept., IIT Roorkee, Roorkee, India
Abstract :
At present, Internet users authenticate themselves using credentials to access different registered web services. These credentials are vulnerable to security threats in presence of active attackers. This imposes a burden on users to manage their credentials in different ways. This paper outlines a Single Sign-On model that defines user authentication and authorization scheme which makes the system secure against various attacks. There are various authentication schemes proposed that were based on like Kerberos and X.509. It may be difficult to utilize these schemes to modify legacy applications in which only password based authentication can be used. This paper proposes a solution based on Single Sign-On in which the system transmits a userpsilas password securely over the network. The model uses the concept of AAA (Authentication, Authorization, and Accounting) and a credential management scheme where the user has to authenticate itself only once.
Keywords :
Web services; authorisation; message authentication; Internet user authentication; Internet user authorization; Internet user credential management; Web services; password based authentication; password scheme; single sign-on model; Computational intelligence; Web services; Authentication; Authorization; Credentials; Secret key exchange; Single Sign-On; Web services;
Conference_Titel :
Computational Intelligence, Communication Systems and Networks, 2009. CICSYN '09. First International Conference on
Conference_Location :
Indore
Print_ISBN :
978-0-7695-3743-6
DOI :
10.1109/CICSYN.2009.44
