A page token prototype of OpenID single sign-on (SSO) to thwart phishing attack

Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability issue by enabling the users to login once using a set of username and password that allows an access into multiple websites.Among several SSO protocol, OpenID is said to offer flexibility and security...

Full description

Saved in:
Bibliographic Details
Main Authors: Zakaria, Nur Haryani, Wan Yaacob, Wan Mohd Yusoff, Katuk, Norliza, Mohamad Tahir, Hatim, Omar, Mohd Nizam
Format: Article
Language:English
Published: Universiti Teknikal Malaysia Melaka 2016
Subjects:
Online Access:http://repo.uum.edu.my/20534/1/JTEC%208%2010%202016%2059%2066.pdf
http://repo.uum.edu.my/20534/
http://journal.utem.edu.my/index.php/jtec/article/view/1372
Tags: Add Tag
No Tags, Be the first to tag this record!
Description
Summary:Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability issue by enabling the users to login once using a set of username and password that allows an access into multiple websites.Among several SSO protocol, OpenID is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack due to lack of countermeasures to ensure authenticity of OpenID provider. In view of the proliferation of phishing attack that exposed users to fraud website, information theft and unauthorized disclosure, this study attempts to identify and propose a suitable countermeasure in order to thwart phishing attack in OpenID environment. Therefore, this study intends to develop a prototype that implements Page Token in order to mitigate phishing attack.The findings revealed that the Page Token is possible to minimize the potential risk of phishing attack.