Title: A study on a secure single sign-on for user authentication information privacy in distributed computing environment
Authors: Hyun-Jin Kim; Im-Yeong Lee
Addresses: Department of Computer Software Engineering, Soonchunhyang University, 646, Eumnae-ri, Sinchang-myeon, Asan-si, Chungcheongnam-do, 336-745, South Korea ' Department of Computer Software Engineering, Soonchunhyang University, 646, Eumnae-ri, Sinchang-myeon, Asan-si, Chungcheongnam-do, 336-745, South Korea
Abstract: Difficulties exist in managing password tapping in communication and each server in the existing password authentication scheme. The concept of single sign-on (SSO), which allows one to use linked computing resources and services following only a single authentication, as in general web-based services, was introduced in the distributed computing environment. The major security vulnerabilities for SSO authentication systems are authentication and replay attack. When a user's authentication information is intercepted by an attacker, a normal session can be acquired through a simple replay attack. Accordingly, various studies are being carried out, domestically and internationally, on SSO authentication techniques. For example, some studies use various digital signature methods such as the symmetric key-based algorithm, the RSA signature algorithm, and the Schnorr signature algorithm. Accordingly, this paper proposes a token-based, and NIZK verification-based SSO authentication techniques that provide privacy for user authentication information.
Keywords: single sign-on; SSO; authentication information privacy; privacy protection; distributed computing environment; DCE.
International Journal of Communication Networks and Distributed Systems, 2017 Vol.19 No.1, pp.28 - 45
Received: 06 Jul 2015
Accepted: 23 Feb 2016
Published online: 05 Jun 2017 *