DESIGN AND IMPLEMENTATION OF SECURE SINGLE SIGN ON (SSO) SCHEME USING MULTIFACTOR AUTHENTICATION AND OAUTH 2.0 MODIFICATION PROTOCOL

Bibliographic Details
Main Author: Pradipta, Riski
Format: Theses
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/66699
Institution: Institut Teknologi Bandung
Description
Summary: The Single Sign On (SSO) authentication scheme is an access control mechanism that lets users authenticate once, with a unique ID, for various services on the internet. The most commonly used SSO scheme is OAuth 2.0. A common attribute for the authentication process is a username and password pair. The use of a single attribute in the authentication process is called Single Factor Authentication (SFA), which is not recommended for critical information systems. In this research, an authentication scheme has been designed by implementing multifactor authentication using a modified OAuth protocol. The modified OAuth protocol aims to improve data security by implementing cryptographic algorithms such as the AES encryption algorithm, the SHA-256 hash function, the HMAC scheme, the ECIES elliptic curve algorithm, and the RSA public key algorithm. The proposed secure SSO scheme has passed testing with the Scyther tool and has been implemented in web and mobile based applications. The implementation results show that the secure SSO scheme is resistant to illegal retrieval of authorization codes and access tokens. The use of a cryptographic nonce and a digital signature can prevent and minimize the potential for replay attacks. The security aspects attained by the Secure SSO scheme are confidentiality, data integrity, and non-repudiation. A comparison of the Secure SSO implementation with the standard SSO scheme shows that the average difference in data processing time is 0.15 seconds per process.