【 摘 要 】

Single sign-on (SSO) is a session authentication process that allows a user to login by using user registered identity and password in order to access appropriate applications. The authentication process takes the user in to login for all the applications they have been given rights to and eliminates further prompts when they switch applications during a particular session. Its implementation will provide a reduction of password burden to access many applications for every login process. Ease of access through a single account needs to be addressed carefully to ensure the authentication credentials that are not scattered and known by others. Currently, there are several open source SSO authentication methods available. However, the use of existing authentication methods is still vulnerable to attack, such as Man-In-The-Middle. In this study, SSO authentication algorithm using One-Time Password (OTP) is proposed using a combination of time synchronization and salt value. These combinations are used to verify user session while accessing any application with SSO mechanism. The results show that the proposed OTP algorithm can handle SSO authentication process in good fashion and also protect from Man-In-The-Middle Attack.

【 授权许可】

Unknown