University of Twente Student Theses
Balancing security and usability in Web Single Sign-On
Ahmed, A.B.H. (2020) Balancing security and usability in Web Single Sign-On.
Abstract: | Web Single Sign-On (SSO) systems enable users to access multiple enterprise services by authenticating once to the enterprise Identity Provider (IdP). Although SSO improves usability, current SSO implementations work on a per-user-application basis. This means that users still need to authenticate for every application they use on the same device. Moreover, Web SSO systems rely on Multi-Factor Authentication (MFA) to achieve a high level of security, but requiring MFA for each application used leads to frequent user annoyance. The thesis addresses this problem by proposing a novel method for synchronizing authentication information across local applications. This is achieved by using a local agent that acts as a local IdP for local applications and as a local application to the main IdP. Furthermore, current SSO implementations do not provide a mechanism for the IdP to synchronously push security updates (e.g., a change of authorization) to Service Providers (SPs) without terminating the session. We address this problem by proposing a novel SSO authentication mechanism that allows the IdP to synchronously update the current user authorization without terminating the session unless termination is necessary. |
Item Type: | Essay (Master) |
Clients: | Cisco Systems Netherlands, Amsterdam, Netherlands |
Faculty: | EEMCS: Electrical Engineering, Mathematics and Computer Science |
Subject: | 54 computer science |
Programme: | Computer Science MSc (60300) |
Link to this item: | https://purl.utwente.nl/essays/81458 |