Single Sign-on Mechanism for Secure Web Service Access through ISSO

Abstract

Single sign-on (SSO) is an emerging and more secure authentication mechanism that enables an authorized user with a single username/password to be authenticated by many service providers in a distributed network system. The existing technique used SSO scheme and it has achieved security by applying well-organized security parameters and its improved scheme introduced Verifiable Encryption of Signatures (RSA-VES). But the improvement of both the techniques with respect to security is not fully accomplished. We identified two attacks in existing SSO techniques. The first attack permits a malicious service provider to successfully communicate with a legal user more than one time and to recover the authenticated username/password and then to impersonate the service consumer to grant access to web resources and web services provided by other SP (Service Provider). Another attack is that a third party without any security credential may be able to access network services easily by impersonating some legal user or a fictional user. In our proposed work we introduced Improved Single sign-on (ISSO) scheme, which prevents Credential recovery attack, Impersonation attack and Data injection attack. We used the modified version of JMeter open source tool for generating the test report of the particular web apps. We implemented three web applications which provide financial solutions to customers. These three web applications used SOAP based request and response mapping for efficient handling of communication protocols. The testing result stated that the ISSO scheme fights against the attacks that were present in current SSO scheme.