scholarly journals The implementation and investigation of securing web applications upon multi-platform for a single sign-on functionality

2016 ◽  
Vol 6 (23) ◽  
pp. 39-46 ◽  
Author(s):  
Hsien-Yu Lee
Keyword(s):  
Web Applications ◽  
Single Sign On

scholarly journals Mining User-aware Rare Sequential Topic Monitoring Pattern on Single Sign-on Document Stream in Multiple Web Applications

2020 ◽  
Vol 01 (01) ◽  
pp. 23-30
Author(s):  
Mary Harin Fernandez F ◽  
Keyword(s):  
Real World ◽  
Web Applications ◽  
Internet Document ◽  
Single Sign On ◽  
Internet Users ◽  
Pattern Growth ◽  
Three Stages

In this paper, Sequential Topic Patterns (STPs) technique is used to formulate the issues of User-aware Rare Sequential Topic Patterns (URSTPs) mining in Internet document soure. The Sequential Subject Pattern (STP) is used to define and track Internet users' customised and abnormal behaviours. In certain real - world contexts, STP is incorporated, such as tracking of irregular user behaviours. A set of algorithms are used in three stages to overcome innovative mining issues: first, pre-processing to retrieve probabilistic topics and define sessions for various users. Second, using pattern-growth, generating all the STP candidates with (predicted) support factors for each user. Third, by doing user-aware rarity evaluation on derived STPs, choosing URSTPs.

scholarly journals Assessment of Secure OpenID-Based DAAA Protocol for Avoiding Session Hijacking in Web Applications

2018 ◽  
Vol 2018 ◽  
pp. 1-10 ◽  
Author(s):  
Muhammad Bilal ◽  
Muhammad Asif ◽  
Abid Bashir
Keyword(s):  
Web Applications ◽  
Authentication Protocol ◽  
Web Based ◽  
Single Sign On ◽  
User Session ◽  
Communication Environment ◽  
Session Hijacking ◽  
Web Developers ◽  
Communication Methods ◽  
Online Web

It is increasingly difficult to manage the user identities (IDs) of rapidly developing and numerous types of online web-based applications in the present era. An innovative ID management system is required for managing the user IDs. The OpenID lightweight protocol is a better solution to manage the user IDs. In an OpenID communication environment, OpenID URL is not secured in a session hijacking situation because in other existing OpenID communication methods such double factor authentication has more chances of valid user session hijacked. The proposed communication protocol secures the OpenID URL with the help of additional innovative parameters such as Special Alphanumeric String (SAS) and Special Security PIN (SSP). The anticipated triple authentication protocol authenticated client unique OpenID URL at OpenID Provider (OP) side once and SAS and SSP field at Relying Party (RP) side. The anticipated protocol provides unique Single-Sign-On (SSO) services to OpenID users. The experimental website is tested by experts of web developers for avoiding session hijacking situation in the presence of hackers. The findings demonstrated that Dense Authentication Authorization and Accounting (DAAA) protocol minimizes the risk of a session hijacking in OpenID communication environment.

scholarly journals GridCertLib: A Single Sign-on Solution for Grid Web Applications and Portals

2011 ◽  
Vol 9 (4) ◽  
pp. 441-453 ◽  
Author(s):  
Riccardo Murri ◽  
Peter Z. Kunszt ◽  
Sergio Maffioletti ◽  
Valery Tschopp
Keyword(s):  
Web Applications ◽  
Single Sign On

scholarly journals Single Sign-on Mechanism for Secure Web Service Access through ISSO

2015 ◽  
Vol 11 (1) ◽  
pp. 8
Author(s):  
Ramamurthi Deeptha ◽  
Rajeswari Mukesh
Keyword(s):  
Service Provider ◽  
Web Applications ◽  
Service Providers ◽  
Access Network ◽  
Third Party ◽  
Impersonation Attack ◽  
Service Access ◽  
Authorized User ◽  
Single Sign On ◽  
Authentication Mechanism

Single sign-on (SSO) is an emerging and more secure authentication mechanism that enables an authorized user with a single username/password to be authenticated by many service providers in a distributed network system. The existing technique used SSO scheme and it has achieved security by applying well-organized security parameters and its improved scheme introduced Verifiable Encryption of Signatures (RSA-VES). But the improvement of both the techniques with respect to security is not fully accomplished. We identified two attacks in existing SSO techniques. The first attack permits a malicious service provider to successfully communicate with a legal user more than one time and to recover the authenticated username/password and then to impersonate the service consumer to grant access to web resources and web services provided by other SP (Service Provider). Another attack is that a third party without any security credential may be able to access network services easily by impersonating some legal user or a fictional user. In our proposed work we introduced Improved Single sign-on (ISSO) scheme, which prevents Credential recovery attack, Impersonation attack and Data injection attack. We used the modified version of JMeter open source tool for generating the test report of the particular web apps. We implemented three web applications which provide financial solutions to customers. These three web applications used SOAP based request and response mapping for efficient handling of communication protocols. The testing result stated that the ISSO scheme fights against the attacks that were present in current SSO scheme.

Sign in / Sign up

Export Citation Format

Share Document