Authentication Algorithm Based on Hash-Tree for Web Single Sign-On

Authentication Algorithm Based on Hash-Tree for Web Single Sign-On

During the authentication process of web-based single sign-on system, it is insecure that all authentication messages are forwarded by the browser, and its integrity protection is not comprehensive. This vulnerability can be exploited by attackers to bypass the authentication systems, login any acco...

Ausführliche Beschreibung

Gespeichert in:
Bibliographische Detailangaben
Veröffentlicht in:Applied Mechanics and Materials 2014-01, Vol.490-491 (Mechanical Design and Power Engineering), p.1368-1373
Hauptverfasser: Wei, Qiang, Ren, Dong, Wu, Ze Hui, Tao, Rong Hua
Format: Artikel
Sprache:eng
Schlagworte:
Acceptability
Access control to computer data
Algorithms
Authentication
Computer information security
Computer simulation
Integrity
Messages
Online-Zugang:Volltext
Tags: Tag hinzufügen
Keine Tags, Fügen Sie den ersten Tag hinzu!
Beschreibung
Zusammenfassung:During the authentication process of web-based single sign-on system, it is insecure that all authentication messages are forwarded by the browser, and its integrity protection is not comprehensive. This vulnerability can be exploited by attackers to bypass the authentication systems, login any account. In this work we analyze the vulnerability threat model and its root causes in detail, and propose an authentication algorithm based on Hash-tree. This algorithm can not only improve the security of the system, but the processing efficiency of the system is also acceptable according to the simulation results.
ISSN:1660-9336
1662-7482
1662-7482
DOI:10.4028/www.scientific.net/AMM.490-491.1368