International Journal of Computer Applications |
Foundation of Computer Science (FCS), NY, USA |
Volume 89 - Number 4 |
Year of Publication: 2014 |
Authors: Vishal Patel, Riddhi Patel |
10.5120/15489-4227 |
Vishal Patel, Riddhi Patel . Improving the Security of SSO in Distributed Computer Network using Digital Certificate and one Time Password (OTP). International Journal of Computer Applications. 89, 4 ( March 2014), 10-14. DOI=10.5120/15489-4227
A Single Sign–on is a new authentication mechanism for user to use multiple services provided by service provider in distributed computer network. It is a one type of application in that allows users to log in once and access to multiple independent applications without being asked to log in again at every application. It enables a legal user with a single credential to be authenticated by multiple service providers in distributed computer networks. This scheme has security flaws. Service provider is fail to credential privacy and authentication. There is two types of impersonation attacks. First attack is credential recovery attack and impersonation. In this attack the attacker act as harm full service provider, who has successfully communicated with a legal user twice to get the identity of a legal user. In another attack the attacker use the services impersonating any legal user or a nonexistent user without credentials. In this we analyze those security flaws & propose solution for those flaws. We have to recover these two types of attacks.