The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack
The problem of password memorability among users has led to the introduction of Single Sign-On (SSO) authentication. It enables users to login using a set of username and password which then allows an access into multiple websites without the hassle of repeating the same usernames and passwords. One...
Saved in:
| Main Authors: | , , , , |
|---|---|
| Format: | Article |
| Published: |
American Scientific Publishers
2017
|
| Subjects: | |
| Online Access: | http://repo.uum.edu.my/25683/ http://doi.org/10.1166/asl.2017.7388 |
| Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
| id |
my.uum.repo.25683 |
|---|---|
| record_format |
eprints |
| spelling |
my.uum.repo.256832019-02-28T03:16:47Z http://repo.uum.edu.my/25683/ The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack Zakaria, Nur Haryani Mat Nayan, Nadia Hasidah Mohamad Tahir, Hatim Katuk, Norliza Mohammed, Abubakar QA75 Electronic computers. Computer science The problem of password memorability among users has led to the introduction of Single Sign-On (SSO) authentication. It enables users to login using a set of username and password which then allows an access into multiple websites without the hassle of repeating the same usernames and passwords. One of the most common SSO protocol is OpenID which is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack whereby there is a lack of mechanism to ensure the authenticity of the OpenID provider. This scenario complicates the situation especially when there exists tools to generate phishing attacks are easily available without requiring much technical expertise. Moreover, users awareness are claimed to be insufficient to rely on since statistics of phishing attacks are shown to be increasing. Thus, this research attempts to propose page token as a mechanism to thwart phishing attack. This research produced and evaluated an improved requirement model that incorporates the page token as proposed mechanism. The outcomes show promising result towards the effort of thwarting phishing attacks. American Scientific Publishers 2017 Article PeerReviewed Zakaria, Nur Haryani and Mat Nayan, Nadia Hasidah and Mohamad Tahir, Hatim and Katuk, Norliza and Mohammed, Abubakar (2017) The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack. Advanced Science Letters, 23 (6). pp. 5410-5414. ISSN 1936-6612 http://doi.org/10.1166/asl.2017.7388 doi:10.1166/asl.2017.7388 |
| institution |
Universiti Utara Malaysia |
| building |
UUM Library |
| collection |
Institutional Repository |
| continent |
Asia |
| country |
Malaysia |
| content_provider |
Universiti Utara Malaysia |
| content_source |
UUM Institutionali Repository |
| url_provider |
http://repo.uum.edu.my/ |
| topic |
QA75 Electronic computers. Computer science |
| spellingShingle |
QA75 Electronic computers. Computer science Zakaria, Nur Haryani Mat Nayan, Nadia Hasidah Mohamad Tahir, Hatim Katuk, Norliza Mohammed, Abubakar The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack |
| description |
The problem of password memorability among users has led to the introduction of Single Sign-On (SSO) authentication. It enables users to login using a set of username and password which then allows an access into multiple websites without the hassle of repeating the same usernames and passwords. One of the most common SSO protocol is OpenID which is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack whereby there is a lack of mechanism to ensure the authenticity of the OpenID provider. This scenario complicates the situation especially when there exists tools to generate phishing attacks are easily available without requiring much technical expertise. Moreover, users awareness are claimed to be insufficient to rely on since statistics of phishing attacks are shown to be increasing. Thus, this research attempts to propose page token as a mechanism to thwart phishing attack. This research produced and evaluated an improved requirement model that incorporates the page token as proposed mechanism. The outcomes show promising result towards the effort of thwarting phishing attacks. |
| format |
Article |
| author |
Zakaria, Nur Haryani Mat Nayan, Nadia Hasidah Mohamad Tahir, Hatim Katuk, Norliza Mohammed, Abubakar |
| author_facet |
Zakaria, Nur Haryani Mat Nayan, Nadia Hasidah Mohamad Tahir, Hatim Katuk, Norliza Mohammed, Abubakar |
| author_sort |
Zakaria, Nur Haryani |
| title |
The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack |
| title_short |
The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack |
| title_full |
The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack |
| title_fullStr |
The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack |
| title_full_unstemmed |
The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack |
| title_sort |
requirement model for improved openid single sign-on (sso) authentication to thwart phishing attack |
| publisher |
American Scientific Publishers |
| publishDate |
2017 |
| url |
http://repo.uum.edu.my/25683/ http://doi.org/10.1166/asl.2017.7388 |
| _version_ |
1644284396148097024 |
| score |
13.209306 |