Abstract
Objective: A Single Sign-On (SSO) mechanism reduces credential complexity by providing a single set of login credentials for disparate systems. The main objective of SSO in mission-critical applications is to provide a highly trusted authentication provider while keeping the online service secure. Methods: Because OpenID Connect relies on a third-party identity provider, it does not fit banking services. Since traditional banking systems refuse to disclose user-sensitive information to any third party, the conventional models fail to maintain a consistent revocation model. However, maintaining user details at the server requires a consistent revocation model across all connected banks. The conventional SSO protocols follow different approaches to developing the access control policies that recognize the user identity, whereas banking services need a role-based access control policy. Findings: In order to provide secure SSO for banking services, this work presents an extended OpenID Connect protocol with additional security features that are better suited to online banking systems. The extended OpenID Connect assigns the role of identity provider to the RBI, a centralized authority that connects all the banks and their user accounts. It uses a chaotic sequence encryption algorithm to manage the session dynamically, which enables the common revocation model. This restricts impersonation, modification, and eavesdropping attacks while online banking services are accessed through the SSO mechanism. Request identification and validation using a random user ID on every subsequent page access ensures the security of the online transaction.
Application/Improvements: The proposed model tightens the security of OpenID Connect with the support of chaotic sequence encryption, a common revocation model, and request identification. It successfully extends the use of SSO to mission-critical applications. Keywords: Banking Service, Chaotic Sequence Encryption, OpenID Connect, Revocation, Identity Provider
Highlights
Nowadays, mission-critical applications such as online banking applications are widely used among internet users
Mission-critical applications play a crucial role in the survival of business activities, including retail and banking systems, airline reservations, border security, and logistics
OpenID Connect is designed for the consumer-to-social-network scenario, and it does not fulfill the strict security requirements enforced by mission-critical applications
Summary
Mission-critical applications such as online banking applications are widely used among internet users. SSO plays a prominent role in resolving the difficulties of handling credentials when the user relies on multiple sign-on mechanisms. It enables users to access disparate systems with a single user ID and password, which brings benefits including having to remember only one login credential and simpler system maintenance. Security Assertion Markup Language (SAML), Central Authentication Service (CAS), Lightweight Directory Access Protocol (LDAP), OAuth [2], and OpenID Connect are the existing SSO authentication protocols [2]. These existing SSO protocols are inappropriate for secure banking operations, since SSO requires the system to hand mission-critical data to a third party in order to maintain a single user ID and password for multiple applications [3]. To support secure banking systems, the proposed system enhances the traditional OpenID Connect with an extended authentication method.