By Topic

Single Sign-On Assistant: An Authentication Broker for Web Applications

Sign In

Cookies must be enabled to login.After enabling cookies , please use refresh or reload or ctrl+f5 on the browser for the login options.

Formats Non-Member Member
$33 $13
Learn how you can qualify for the best price for this item!
Become an IEEE Member or Subscribe to
IEEE Xplore for exclusive pricing!
close button

puzzle piece

IEEE membership options for an individual and IEEE Xplore subscriptions for an organization offer the most affordable access to essential journal articles, conference papers, standards, eBooks, and eLearning courses.

Learn more about:

IEEE membership

IEEE Xplore subscriptions

2 Author(s)
Fei Zhu ; Sch. of Comput. Sci. & Technol., Soochow Univ., Suzhou, China ; Hongjun Diao

Web-based systems are now widely used in many fields. Users are usually required to conduct identity authentication separately when logging in different systems before getting service. For the sake of security, it is improper to use a global identifier and password among several systems. Many approaches are proposed to solve the problem, among which single sign-on (SSO) is most popular schema with which a user logs in once and gains access to all systems without having to log in again. We put up a single sign-on assistant, called SSOA, for web-based applications. SSOA is an authentication broker and is implemented as plug-in installed in client side. When a user visits a web-based system using explorer, SSOA distills HTTP POST data, HTTP header used for login, reference address and authorization URI, and then constructs HTTP POST compatible data used for validation using the data returned by authentication broker server. Once a user is validated by SSOA, he can use systems and resources registered in SSOA by means of cached credential list. Due to the cached credential list, SSOA avoid adding excessive additional overhead and response time. SSOA communicates with authentication server via web service by SSL, thus obtaining as much generality as possible. SSOA achieves uniform identity authentication among heterogeneous systems, and attains most generality, simplicity and scalability with least cost as well.

Published in:

Knowledge Discovery and Data Mining, 2010. WKDD '10. Third International Conference on

Date of Conference:

9-10 Jan. 2010