DESIGN AND IMPLEMENTATION OF SECURE SINGLE SIGN ON (SSO) SCHEME USING MULTIFACTOR AUTHENTICATION AND OAUTH 2.0 MODIFICATION PROTOCOL

Bibliographic Details
Main Author: Pradipta, Riski
Format: Theses
Language: Indonesia
Online Access: https://digilib.itb.ac.id/gdl/view/66699
Institution: Institut Teknologi Bandung
id id-itb.:66699
timestamp 2022-07-11T15:22:12Z
keywords SSO, SFA, OAuth, cryptography, encryption, confidentiality, data integrity, and non-repudiation.
building Institut Teknologi Bandung Library
continent Asia
country Indonesia
content_provider Institut Teknologi Bandung
collection Digital ITB
description The Single Sign On (SSO) authentication scheme is one of the access controls that allow users to perform a one-time authentication process for various services on the internet using a unique ID. The most commonly used SSO scheme is OAuth 2.0. A common attribute for the authentication process is a username and password pair. The use of a single attribute in the authentication process is called Single Factor Authentication (SFA), which is not recommended for critical information systems. In this research, an authentication scheme has been designed by implementing multifactor authentication using a modified OAuth protocol. The modified OAuth protocol aims to improve data security by implementing cryptographic algorithms such as the AES encryption algorithm, the SHA-256 hash function, the HMAC scheme, the ECIES elliptic curve algorithm, and the RSA public key algorithm. The proposed secure SSO scheme has passed testing with the Scyther tool and has been implemented in web- and mobile-based applications. The implementation results show that the secure SSO scheme is resistant to illegal retrieval of authorization codes and access tokens. The implementation of a cryptographic nonce and digital signature can prevent and minimize the potential for replay attacks. The attainable aspects of the Secure SSO scheme are confidentiality, data integrity, and non-repudiation. Based on the implementation comparison between the Secure SSO scheme and the standard SSO scheme, the average difference in data processing time for each process is 0.15 seconds per process.