A page token prototype of OpenID single sign-on (SSO) to thwart phishing attack
Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability issue by enabling the users to login once using a set of username and password that allows an access into multiple websites.Among several SSO protocol, OpenID is said to offer flexibility and security...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Language: | English |
| Published: |
Universiti Teknikal Malaysia Melaka
2016
|
| Subjects: | |
| Online Access: | http://repo.uum.edu.my/20534/1/JTEC%208%2010%202016%2059%2066.pdf http://repo.uum.edu.my/20534/ http://journal.utem.edu.my/index.php/jtec/article/view/1372 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| Summary: | Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability issue by enabling the users to login once using a set of username and password that allows an access into multiple websites.Among several SSO protocol, OpenID is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack due to lack of countermeasures to ensure authenticity of OpenID provider. In view of the proliferation of phishing attack that exposed users to fraud website, information theft and unauthorized disclosure, this study attempts to identify and propose a suitable countermeasure in order to thwart phishing attack in OpenID environment. Therefore, this study intends to develop a prototype that implements Page Token in order to mitigate phishing attack.The findings revealed that the Page Token is possible to minimize the potential risk of phishing attack. |
|---|