http://dx.doi.org/10.13089/JKIISC.2014.24.5.769

A Study on Secure and Improved Single Sign-On Authentication System against Replay Attack  

Kim, Hyun-Jin (Department of Computer Software Engineering, Soonchunhyang University)
Lee, Im-Yeong (Department of Computer Software Engineering, Soonchunhyang University)
Abstract
In general, internet users need to remember several IDs and passwords when they use diverse web sites. From the perspective of effective management, the single sign-on (SSO) system was suggested to reduce this inconvenience to users. Kerberos authentication, which uses centralized system management, is a typical example of a broker-based SSO authentication model. However, further research is required, because the existing Kerberos authentication system is vulnerable to password attacks and replay attacks. In SSO authentication systems, a major security vulnerability is the replay attack: when user credentials are seized by attackers, an authorized session can be obtained by replaying them. In this paper, an improved SSO authentication model based on the broker-based model is proposed, together with a secure lightweight SSO mechanism against credential replay attacks.
Keywords
Single Sign-On; Authentication; Credential Privacy