SlideShare a Scribd company logo

Android security analysis of a single sign-on mechanism for distributed computer networks

E
Ecway2004
1 of 1
Download to read offline
ECWAY TECHNOLOGIES IEEE PROJECTS & SOFTWARE DEVELOPMENTS OUR OFFICES @ CHENNAI / TRICHY / KARUR / ERODE / MADURAI / SALEM / COIMBATORE CELL: +91 98949 17187, +91 875487 2111 / 3111 / 4111 / 5111 / 6111 VISIT: www.ecwayprojects.com MAIL TO: ecwaytechnologies@gmail.com SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS ABSTRACT: In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user’s credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang–Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang–Lee scheme.

Recommended

Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecway Technologies
 
Secure Code Warrior - Poor authorization and authentication
Secure Code Warrior - Poor authorization and authenticationSecure Code Warrior - Poor authorization and authentication
Secure Code Warrior - Poor authorization and authenticationSecure Code Warrior
 
Secure Code Warrior - Client side injection
Secure Code Warrior - Client side injectionSecure Code Warrior - Client side injection
Secure Code Warrior - Client side injectionSecure Code Warrior
 
Web Programming - 12 Authentication and Authorization
Web Programming - 12 Authentication and AuthorizationWeb Programming - 12 Authentication and Authorization
Web Programming - 12 Authentication and AuthorizationAndiNurkholis1
 
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...Nexgen Technology
 
Understandingphone sensor and app data for enhancing security
Understandingphone sensor and app data for enhancing securityUnderstandingphone sensor and app data for enhancing security
Understandingphone sensor and app data for enhancing securityKamal Spring
 
Secure Code Warrior - Fail securely
Secure Code Warrior - Fail securelySecure Code Warrior - Fail securely
Secure Code Warrior - Fail securelySecure Code Warrior
 
How To Protect Mobile Apps and APIs from Attackers
How To Protect Mobile Apps and APIs from AttackersHow To Protect Mobile Apps and APIs from Attackers
How To Protect Mobile Apps and APIs from AttackersCentextech
 

Recommended

Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecway Technologies
 
Secure Code Warrior - Poor authorization and authentication
Secure Code Warrior - Poor authorization and authenticationSecure Code Warrior - Poor authorization and authentication
Secure Code Warrior - Poor authorization and authenticationSecure Code Warrior
 
Secure Code Warrior - Client side injection
Secure Code Warrior - Client side injectionSecure Code Warrior - Client side injection
Secure Code Warrior - Client side injectionSecure Code Warrior
 
Web Programming - 12 Authentication and Authorization
Web Programming - 12 Authentication and AuthorizationWeb Programming - 12 Authentication and Authorization
Web Programming - 12 Authentication and AuthorizationAndiNurkholis1
 
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...Nexgen Technology
 
Understandingphone sensor and app data for enhancing security
Understandingphone sensor and app data for enhancing securityUnderstandingphone sensor and app data for enhancing security
Understandingphone sensor and app data for enhancing securityKamal Spring
 
Secure Code Warrior - Fail securely
Secure Code Warrior - Fail securelySecure Code Warrior - Fail securely
Secure Code Warrior - Fail securelySecure Code Warrior
 
How To Protect Mobile Apps and APIs from Attackers
How To Protect Mobile Apps and APIs from AttackersHow To Protect Mobile Apps and APIs from Attackers
How To Protect Mobile Apps and APIs from AttackersCentextech
 
Android scalable and secure sharing of personal health records in cloud comp...
Android scalable and secure sharing of personal health records in cloud comp...Android scalable and secure sharing of personal health records in cloud comp...
Android scalable and secure sharing of personal health records in cloud comp...Ecway2004
 
Android region-based foldings in process discovery
Android region-based foldings in process discoveryAndroid region-based foldings in process discovery
Android region-based foldings in process discoveryEcway2004
 
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...Ecway2004
 
Lourenza
LourenzaLourenza
Lourenzamariaysilvia
 
David And Mari Carmen
David And Mari CarmenDavid And Mari Carmen
David And Mari Carmenantoni15
 
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...BANCO SANTANDER
 
Auto evaluacion 3
Auto evaluacion 3Auto evaluacion 3
Auto evaluacion 3crispi2029
 
Cristian Palma Book
Cristian Palma BookCristian Palma Book
Cristian Palma BookCristian Palma
 
Taller+funnciones+del+lenguaje+uniminuto
Taller+funnciones+del+lenguaje+uniminutoTaller+funnciones+del+lenguaje+uniminuto
Taller+funnciones+del+lenguaje+uniminutoalexauribe
 
ElaboraciÓn De Contidos Educativos Ii
ElaboraciÓn De Contidos Educativos IiElaboraciÓn De Contidos Educativos Ii
ElaboraciÓn De Contidos Educativos Iisabelitabonita
 
Autoevaluacion 6
Autoevaluacion 6Autoevaluacion 6
Autoevaluacion 6crispi2029
 
Clipping Yo Dona 11/02/12 @ IED Barcelona
Clipping Yo Dona 11/02/12 @ IED BarcelonaClipping Yo Dona 11/02/12 @ IED Barcelona
Clipping Yo Dona 11/02/12 @ IED BarcelonaIED Barcelona
 
Datos03
Datos03Datos03
Datos03MauricioLesmes
 
Nitin's marriage with Vibha - Invite
Nitin's marriage with Vibha - InviteNitin's marriage with Vibha - Invite
Nitin's marriage with Vibha - InviteNitin Karthy
 
Hoja para cronicas de balontiro 2 (3ª copia)
Hoja para cronicas de balontiro 2 (3ª copia)Hoja para cronicas de balontiro 2 (3ª copia)
Hoja para cronicas de balontiro 2 (3ª copia)Miguel Barrio
 
Como perder 10 kilos
Como perder 10 kilosComo perder 10 kilos
Como perder 10 kilosEliminar Peso Como
 
Linaza adelgazar
Linaza adelgazarLinaza adelgazar
Linaza adelgazarEliminar Peso Como
 
Results2
Results2Results2
Results2dlhervas
 
Computer Assisted Reporting (Redacted)
Computer Assisted Reporting (Redacted)Computer Assisted Reporting (Redacted)
Computer Assisted Reporting (Redacted)Paolo Attivissimo
 
hibridacion en orbitales.
hibridacion en orbitales.hibridacion en orbitales.
hibridacion en orbitales.pamela_howardSaur
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Ecway Technologies
 
Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...ecwayerode
 

More Related Content

Viewers also liked

Android scalable and secure sharing of personal health records in cloud comp...
Android scalable and secure sharing of personal health records in cloud comp...Android scalable and secure sharing of personal health records in cloud comp...
Android scalable and secure sharing of personal health records in cloud comp...Ecway2004
 
Android region-based foldings in process discovery
Android region-based foldings in process discoveryAndroid region-based foldings in process discovery
Android region-based foldings in process discoveryEcway2004
 
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...Ecway2004
 
David And Mari Carmen
David And Mari CarmenDavid And Mari Carmen
David And Mari Carmenantoni15
 
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...BANCO SANTANDER
 
Auto evaluacion 3
Auto evaluacion 3Auto evaluacion 3
Auto evaluacion 3crispi2029
 
Taller+funnciones+del+lenguaje+uniminuto
Taller+funnciones+del+lenguaje+uniminutoTaller+funnciones+del+lenguaje+uniminuto
Taller+funnciones+del+lenguaje+uniminutoalexauribe
 
ElaboraciÓn De Contidos Educativos Ii
ElaboraciÓn De Contidos Educativos IiElaboraciÓn De Contidos Educativos Ii
ElaboraciÓn De Contidos Educativos Iisabelitabonita
 
Autoevaluacion 6
Autoevaluacion 6Autoevaluacion 6
Autoevaluacion 6crispi2029
 
Clipping Yo Dona 11/02/12 @ IED Barcelona
Clipping Yo Dona 11/02/12 @ IED BarcelonaClipping Yo Dona 11/02/12 @ IED Barcelona
Clipping Yo Dona 11/02/12 @ IED BarcelonaIED Barcelona
 
Nitin's marriage with Vibha - Invite
Nitin's marriage with Vibha - InviteNitin's marriage with Vibha - Invite
Nitin's marriage with Vibha - InviteNitin Karthy
 
Hoja para cronicas de balontiro 2 (3ª copia)
Hoja para cronicas de balontiro 2 (3ª copia)Hoja para cronicas de balontiro 2 (3ª copia)
Hoja para cronicas de balontiro 2 (3ª copia)Miguel Barrio
 
Computer Assisted Reporting (Redacted)
Computer Assisted Reporting (Redacted)Computer Assisted Reporting (Redacted)
Computer Assisted Reporting (Redacted)Paolo Attivissimo
 

Viewers also liked (20)

Android scalable and secure sharing of personal health records in cloud comp...
Android scalable and secure sharing of personal health records in cloud comp...Android scalable and secure sharing of personal health records in cloud comp...
Android scalable and secure sharing of personal health records in cloud comp...
 
Android region-based foldings in process discovery
Android region-based foldings in process discoveryAndroid region-based foldings in process discovery
Android region-based foldings in process discovery
 
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
Android ssd a robust rf location fingerprint addressing mobile devices’ hete...
 
Lourenza
LourenzaLourenza
Lourenza
 
David And Mari Carmen
David And Mari CarmenDavid And Mari Carmen
David And Mari Carmen
 
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
Banco Santander expone en Ávila el monoplaza de Ferrari como apoyo al turismo...
 
Auto evaluacion 3
Auto evaluacion 3Auto evaluacion 3
Auto evaluacion 3
 
Cristian Palma Book
Cristian Palma BookCristian Palma Book
Cristian Palma Book
 
Taller+funnciones+del+lenguaje+uniminuto
Taller+funnciones+del+lenguaje+uniminutoTaller+funnciones+del+lenguaje+uniminuto
Taller+funnciones+del+lenguaje+uniminuto
 
ElaboraciÓn De Contidos Educativos Ii
ElaboraciÓn De Contidos Educativos IiElaboraciÓn De Contidos Educativos Ii
ElaboraciÓn De Contidos Educativos Ii
 
Autoevaluacion 6
Autoevaluacion 6Autoevaluacion 6
Autoevaluacion 6
 
Clipping Yo Dona 11/02/12 @ IED Barcelona
Clipping Yo Dona 11/02/12 @ IED BarcelonaClipping Yo Dona 11/02/12 @ IED Barcelona
Clipping Yo Dona 11/02/12 @ IED Barcelona
 
Datos03
Datos03Datos03
Datos03
 
Nitin's marriage with Vibha - Invite
Nitin's marriage with Vibha - InviteNitin's marriage with Vibha - Invite
Nitin's marriage with Vibha - Invite
 
Hoja para cronicas de balontiro 2 (3ª copia)
Hoja para cronicas de balontiro 2 (3ª copia)Hoja para cronicas de balontiro 2 (3ª copia)
Hoja para cronicas de balontiro 2 (3ª copia)
 
Como perder 10 kilos
Como perder 10 kilosComo perder 10 kilos
Como perder 10 kilos
 
Linaza adelgazar
Linaza adelgazarLinaza adelgazar
Linaza adelgazar
 
Results2
Results2Results2
Results2
 
Computer Assisted Reporting (Redacted)
Computer Assisted Reporting (Redacted)Computer Assisted Reporting (Redacted)
Computer Assisted Reporting (Redacted)
 
hibridacion en orbitales.
hibridacion en orbitales.hibridacion en orbitales.
hibridacion en orbitales.
 

Similar to Android security analysis of a single sign-on mechanism for distributed computer networks

Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Ecway Technologies
 
Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...ecwayerode
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...ecway
 
Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...Ecway Technologies
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniqueseSAT Publishing House
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniqueseSAT Journals
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDIJNSA Journal
 
Efficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkEfficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkIJERA Editor
 
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Pvrtechnologies Nellore
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hackingsamprada123
 
Toward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networksToward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networksEcwayt
 
Dotnet toward a statistical framework for source anonymity in sensor networks
Dotnet toward a statistical framework for source anonymity in sensor networksDotnet toward a statistical framework for source anonymity in sensor networks
Dotnet toward a statistical framework for source anonymity in sensor networksEcwaytech
 
Toward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networksToward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networksEcwaytech
 
Employment Feedback by Securing Data using Anonymous Authentication
Employment Feedback by Securing Data using Anonymous AuthenticationEmployment Feedback by Securing Data using Anonymous Authentication
Employment Feedback by Securing Data using Anonymous AuthenticationIRJET Journal
 
Paper id 35201568
Paper id 35201568Paper id 35201568
Paper id 35201568IJRAT
 
AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...
AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...
AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...pharmaindexing
 

Similar to Android security analysis of a single sign-on mechanism for distributed computer networks (20)

Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...
 
Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...Java security analysis of a single sign-on mechanism for distributed compute...
Java security analysis of a single sign-on mechanism for distributed compute...
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniques
 
Survey on cloud computing security techniques
Survey on cloud computing security techniquesSurvey on cloud computing security techniques
Survey on cloud computing security techniques
 
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORDAN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD
 
Efficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed NetworkEfficient and Secure Single Sign on Mechanism for Distributed Network
Efficient and Secure Single Sign on Mechanism for Distributed Network
 
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
 
Physical Layer Essay
Physical Layer EssayPhysical Layer Essay
Physical Layer Essay
 
APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL
APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROLAPPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL
APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL
 
J0704055058
J0704055058J0704055058
J0704055058
 
Final report ethical hacking
Final report ethical hackingFinal report ethical hacking
Final report ethical hacking
 
Toward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networksToward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networks
 
Dotnet toward a statistical framework for source anonymity in sensor networks
Dotnet toward a statistical framework for source anonymity in sensor networksDotnet toward a statistical framework for source anonymity in sensor networks
Dotnet toward a statistical framework for source anonymity in sensor networks
 
Toward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networksToward a statistical framework for source anonymity in sensor networks
Toward a statistical framework for source anonymity in sensor networks
 
Paper1_Final
Paper1_FinalPaper1_Final
Paper1_Final
 
Employment Feedback by Securing Data using Anonymous Authentication
Employment Feedback by Securing Data using Anonymous AuthenticationEmployment Feedback by Securing Data using Anonymous Authentication
Employment Feedback by Securing Data using Anonymous Authentication
 
Paper id 35201568
Paper id 35201568Paper id 35201568
Paper id 35201568
 
AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...
AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...
AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...
 

More from Ecway2004

Covering points of interest with mobile sensors
Covering points of interest with mobile sensorsCovering points of interest with mobile sensors
Covering points of interest with mobile sensorsEcway2004
 
Coloring based inter-wban scheduling for mobile wireless body area networks
Coloring based inter-wban scheduling for mobile wireless body area networksColoring based inter-wban scheduling for mobile wireless body area networks
Coloring based inter-wban scheduling for mobile wireless body area networksEcway2004
 
Code modulation based encryption & decryption technique for secure communicat...
Code modulation based encryption & decryption technique for secure communicat...Code modulation based encryption & decryption technique for secure communicat...
Code modulation based encryption & decryption technique for secure communicat...Ecway2004
 
Clustering sentence level text using a novel fuzzy relational clustering algo...
Clustering sentence level text using a novel fuzzy relational clustering algo...Clustering sentence level text using a novel fuzzy relational clustering algo...
Clustering sentence level text using a novel fuzzy relational clustering algo...Ecway2004
 
Clustering large probabilistic graphs
Clustering large probabilistic graphsClustering large probabilistic graphs
Clustering large probabilistic graphsEcway2004
 
Cloudsim t-drive enhancing driving directions with taxi drivers’ intelligence
Cloudsim t-drive enhancing driving directions with taxi drivers’ intelligenceCloudsim t-drive enhancing driving directions with taxi drivers’ intelligence
Cloudsim t-drive enhancing driving directions with taxi drivers’ intelligenceEcway2004
 
Cloudsim ranking on data manifold with sink points
Cloudsim ranking on data manifold with sink pointsCloudsim ranking on data manifold with sink points
Cloudsim ranking on data manifold with sink pointsEcway2004
 
Cloudsim quality-differentiated video multicast in multirate wireless networks
Cloudsim quality-differentiated video multicast in multirate wireless networksCloudsim quality-differentiated video multicast in multirate wireless networks
Cloudsim quality-differentiated video multicast in multirate wireless networksEcway2004
 
Cloudsim power allocation for statistical qo s provisioning in opportunistic...
Cloudsim power allocation for statistical qo s provisioning in opportunistic...Cloudsim power allocation for statistical qo s provisioning in opportunistic...
Cloudsim power allocation for statistical qo s provisioning in opportunistic...Ecway2004
 
Cloudsim distributed web systems performance forecasting using turning bands...
Cloudsim distributed web systems performance forecasting using turning bands...Cloudsim distributed web systems performance forecasting using turning bands...
Cloudsim distributed web systems performance forecasting using turning bands...Ecway2004
 
Cloudsim distributed processing of probabilistic top-k queries in wireless s...
Cloudsim distributed processing of probabilistic top-k queries in wireless s...Cloudsim distributed processing of probabilistic top-k queries in wireless s...
Cloudsim distributed processing of probabilistic top-k queries in wireless s...Ecway2004
 
Civil 2013 titles
Civil 2013 titlesCivil 2013 titles
Civil 2013 titlesEcway2004
 
Chopper based dc motor speed control
Chopper based dc motor speed controlChopper based dc motor speed control
Chopper based dc motor speed controlEcway2004
 
Channel assignment for throughput optimization in multichannel multiradio wir...
Channel assignment for throughput optimization in multichannel multiradio wir...Channel assignment for throughput optimization in multichannel multiradio wir...
Channel assignment for throughput optimization in multichannel multiradio wir...Ecway2004
 
Channel allocation and routing in hybrid multichannel multiradio wireless mes...
Channel allocation and routing in hybrid multichannel multiradio wireless mes...Channel allocation and routing in hybrid multichannel multiradio wireless mes...
Channel allocation and routing in hybrid multichannel multiradio wireless mes...Ecway2004
 
Casual stereoscopic photo authoring
Casual stereoscopic photo authoringCasual stereoscopic photo authoring
Casual stereoscopic photo authoringEcway2004
 
Casual stereoscopic photo authoring
Casual stereoscopic photo authoringCasual stereoscopic photo authoring
Casual stereoscopic photo authoringEcway2004
 
Capacity of hybrid wireless mesh networks with random a ps
Capacity of hybrid wireless mesh networks with random a psCapacity of hybrid wireless mesh networks with random a ps
Capacity of hybrid wireless mesh networks with random a psEcway2004
 
Bomb detection robot with wireless camera
Bomb detection robot with wireless cameraBomb detection robot with wireless camera
Bomb detection robot with wireless cameraEcway2004
 
Bed side patients monitoring system with emergency alert
Bed side patients monitoring system with emergency alertBed side patients monitoring system with emergency alert
Bed side patients monitoring system with emergency alertEcway2004
 

More from Ecway2004 (20)

Covering points of interest with mobile sensors
Covering points of interest with mobile sensorsCovering points of interest with mobile sensors
Covering points of interest with mobile sensors
 
Coloring based inter-wban scheduling for mobile wireless body area networks
Coloring based inter-wban scheduling for mobile wireless body area networksColoring based inter-wban scheduling for mobile wireless body area networks
Coloring based inter-wban scheduling for mobile wireless body area networks
 
Code modulation based encryption & decryption technique for secure communicat...
Code modulation based encryption & decryption technique for secure communicat...Code modulation based encryption & decryption technique for secure communicat...
Code modulation based encryption & decryption technique for secure communicat...
 
Clustering sentence level text using a novel fuzzy relational clustering algo...
Clustering sentence level text using a novel fuzzy relational clustering algo...Clustering sentence level text using a novel fuzzy relational clustering algo...
Clustering sentence level text using a novel fuzzy relational clustering algo...
 
Clustering large probabilistic graphs
Clustering large probabilistic graphsClustering large probabilistic graphs
Clustering large probabilistic graphs
 
Cloudsim t-drive enhancing driving directions with taxi drivers’ intelligence
Cloudsim t-drive enhancing driving directions with taxi drivers’ intelligenceCloudsim t-drive enhancing driving directions with taxi drivers’ intelligence
Cloudsim t-drive enhancing driving directions with taxi drivers’ intelligence
 
Cloudsim ranking on data manifold with sink points
Cloudsim ranking on data manifold with sink pointsCloudsim ranking on data manifold with sink points
Cloudsim ranking on data manifold with sink points
 
Cloudsim quality-differentiated video multicast in multirate wireless networks
Cloudsim quality-differentiated video multicast in multirate wireless networksCloudsim quality-differentiated video multicast in multirate wireless networks
Cloudsim quality-differentiated video multicast in multirate wireless networks
 
Cloudsim power allocation for statistical qo s provisioning in opportunistic...
Cloudsim power allocation for statistical qo s provisioning in opportunistic...Cloudsim power allocation for statistical qo s provisioning in opportunistic...
Cloudsim power allocation for statistical qo s provisioning in opportunistic...
 
Cloudsim distributed web systems performance forecasting using turning bands...
Cloudsim distributed web systems performance forecasting using turning bands...Cloudsim distributed web systems performance forecasting using turning bands...
Cloudsim distributed web systems performance forecasting using turning bands...
 
Cloudsim distributed processing of probabilistic top-k queries in wireless s...
Cloudsim distributed processing of probabilistic top-k queries in wireless s...Cloudsim distributed processing of probabilistic top-k queries in wireless s...
Cloudsim distributed processing of probabilistic top-k queries in wireless s...
 
Civil 2013 titles
Civil 2013 titlesCivil 2013 titles
Civil 2013 titles
 
Chopper based dc motor speed control
Chopper based dc motor speed controlChopper based dc motor speed control
Chopper based dc motor speed control
 
Channel assignment for throughput optimization in multichannel multiradio wir...
Channel assignment for throughput optimization in multichannel multiradio wir...Channel assignment for throughput optimization in multichannel multiradio wir...
Channel assignment for throughput optimization in multichannel multiradio wir...
 
Channel allocation and routing in hybrid multichannel multiradio wireless mes...
Channel allocation and routing in hybrid multichannel multiradio wireless mes...Channel allocation and routing in hybrid multichannel multiradio wireless mes...
Channel allocation and routing in hybrid multichannel multiradio wireless mes...
 
Casual stereoscopic photo authoring
Casual stereoscopic photo authoringCasual stereoscopic photo authoring
Casual stereoscopic photo authoring
 
Casual stereoscopic photo authoring
Casual stereoscopic photo authoringCasual stereoscopic photo authoring
Casual stereoscopic photo authoring
 
Capacity of hybrid wireless mesh networks with random a ps
Capacity of hybrid wireless mesh networks with random a psCapacity of hybrid wireless mesh networks with random a ps
Capacity of hybrid wireless mesh networks with random a ps
 
Bomb detection robot with wireless camera
Bomb detection robot with wireless cameraBomb detection robot with wireless camera
Bomb detection robot with wireless camera
 
Bed side patients monitoring system with emergency alert
Bed side patients monitoring system with emergency alertBed side patients monitoring system with emergency alert
Bed side patients monitoring system with emergency alert
 

Android security analysis of a single sign-on mechanism for distributed computer networks

  • 1. ECWAY TECHNOLOGIES IEEE PROJECTS & SOFTWARE DEVELOPMENTS OUR OFFICES @ CHENNAI / TRICHY / KARUR / ERODE / MADURAI / SALEM / COIMBATORE CELL: +91 98949 17187, +91 875487 2111 / 3111 / 4111 / 5111 / 6111 VISIT: www.ecwayprojects.com MAIL TO: ecwaytechnologies@gmail.com SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS ABSTRACT: In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user’s credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang–Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang–Lee scheme.