Extending OpenID Connect Towards Mission Critical Applications

Author:

Deeptha R. (1), Mukesh Rajeswari (2)

Affiliation:

1. Dept. of Information Technology, Hindustan University, Padur, Tamil Nadu, India

2. Dept. of the School of Computing Sciences, Hindustan University, Padur, Tamil Nadu, India

Abstract

Single Sign-On (SSO) decreases complexity and eases the burden of managing many accounts with a single authentication mechanism. Mission-critical applications such as banking demand a highly trusted identity provider to authenticate their users. Existing SSO protocols such as OpenID Connect provide secure SSO, but they are applicable only in consumer-to-social-network scenarios. Owing to stringent security requirements, SSO for banking services necessitates a highly trusted identity provider and a secured private channel for user access. The banking system depends on a dedicated central banking authority, which controls monetary policy, and this authority must assume the role of the identity provider. This paper proposes an extension of the OpenID Connect protocol that establishes a central identity provider for bank users, allowing users to access different accounts using a single set of login information. The proposed Enhanced OpenID Connect (EOIDC) modifies the authorization code flow of OpenID Connect to build a secure channel from a single trusted identity provider that supports multiple banking services. Moreover, EOIDC tightens the security mechanism with the help of SAT to avoid impersonation attacks using replay and redirect. The formal security analysis and validation demonstrate the strength of EOIDC against possible attacks such as impersonation, eavesdropping, and brute-force login. The experimental results reveal that the proposed EOIDC system is efficient in providing a secured SSO protocol for banking services.

Publisher

Walter de Gruyter GmbH

Subject

General Computer Science


Cited by 3 articles.

1. A Novel Secure and Privacy-Preserving Model for OpenID Connect Based on Blockchain;IEEE Access;2023

2. OIDC-TCI: OIDC with Trust Context Information;2022 14th IFIP Wireless and Mobile Networking Conference (WMNC);2022-10-17

3. Evaluation of Secure OpenID-Based RAAA User Authentication Protocol for Preventing Specific Web Attacks in Web Apps;2020 IEEE 11th International Conference on Software Engineering and Service Science (ICSESS);2020-10-16
