Android security analysis of a single sign-on mechanism for distributed computer networks

•

0 likes•117 views

E

ECWAY TECHNOLOGIES
IEEE PROJECTS & SOFTWARE DEVELOPMENTS
OUR OFFICES @ CHENNAI / TRICHY / KARUR / ERODE / MADURAI / SALEM / COIMBATORE
CELL: +91 98949 17187, +91 875487 2111 / 3111 / 4111 / 5111 / 6111
VISIT: www.ecwayprojects.com MAIL TO: ecwaytechnologies@gmail.com

SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR
DISTRIBUTED COMPUTER NETWORKS

ABSTRACT:

In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet
credential privacy and soundness of authentication. Specifically, we present two impersonation
attacks. The first attack allows a malicious service provider, who has successfully communicated
with a legal user twice, to recover the user’s credential and then to impersonate the user to access
resources and services offered by other service providers. In another attack, an outsider without
any credential may be able to enjoy network services freely by impersonating any legal user or a
nonexistent user. We identify the flaws in their security arguments to explain why attacks are
possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by
Hsu and Chuang, which inspired the design of the Chang–Lee scheme. Moreover, by employing
an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an
improvement for repairing the Chang–Lee scheme.

More Related Content

Viewers also liked

Civil 2013 titles

Civil 2013 titles

Civil 2013 titles

IOSR Journal of Mathematics(IOSR-JM) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of mathemetics and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in mathematics. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.

Fuzzy Inventory Model for Constantly Deteriorating Items with Power Demand an...

Fuzzy Inventory Model for Constantly Deteriorating Items with Power Demand an...

Fuzzy Inventory Model for Constantly Deteriorating Items with Power Demand an...

Automatic road crack detection and characterization

Automatic road crack detection and characterization

Automatic road crack detection and characterization

презентация курса товароведение

презентация курса товароведение

презентация курса товароведение

Светлана Бреусова

AJP Reference

Test

How to Keep Perspective on Your Journey

How to Keep Perspective on Your Journey

How to Keep Perspective on Your Journey

Android ssd a robust rf location fingerprint addressing mobile devices’ hete...

Android ssd a robust rf location fingerprint addressing mobile devices’ hete...

Android ssd a robust rf location fingerprint addressing mobile devices’ hete...

Der Sport Meines Onkels

Der Sport Meines Onkels

Der Sport Meines Onkels

Automatic clutch & braking system

Automatic clutch & braking system

Automatic clutch & braking system

Indicadores

Violeta Caisabanda

Sandel Assc Toronto - Gigabit City Economic Development - January 10 2014 -...

Sandel Assc Toronto - Gigabit City Economic Development - January 10 2014 -...

Sandel Assc Toronto - Gigabit City Economic Development - January 10 2014 -...

Automatic electricity billing and tripping for non paid customers

Automatic electricity billing and tripping for non paid customers

Automatic electricity billing and tripping for non paid customers

Help! My Hadoop doesn't work!

Help! My Hadoop doesn't work!

Help! My Hadoop doesn't work!

Practicas 1,2 y 3

Practicas 1,2 y 3

Practicas 1,2 y 3

IOSR Journal of Mathematics(IOSR-JM) is a double blind peer reviewed International Journal that provides rapid publication (within a month) of articles in all areas of mathemetics and its applications. The journal welcomes publications of high quality papers on theoretical developments and practical applications in mathematics. Original research papers, state-of-the-art reviews, and high quality technical notes are invited for publications.

A Robust Model for Thegrowth of the Nigerian Population

A Robust Model for Thegrowth of the Nigerian Population

A Robust Model for Thegrowth of the Nigerian Population

Viewers also liked (16)

Civil 2013 titles

Civil 2013 titles

Civil 2013 titles

Fuzzy Inventory Model for Constantly Deteriorating Items with Power Demand an...

Fuzzy Inventory Model for Constantly Deteriorating Items with Power Demand an...

Fuzzy Inventory Model for Constantly Deteriorating Items with Power Demand an...

Automatic road crack detection and characterization

Automatic road crack detection and characterization

Automatic road crack detection and characterization

презентация курса товароведение

презентация курса товароведение

презентация курса товароведение

AJP Reference

Test

How to Keep Perspective on Your Journey

How to Keep Perspective on Your Journey

How to Keep Perspective on Your Journey

Android ssd a robust rf location fingerprint addressing mobile devices’ hete...

Android ssd a robust rf location fingerprint addressing mobile devices’ hete...

Android ssd a robust rf location fingerprint addressing mobile devices’ hete...

Der Sport Meines Onkels

Der Sport Meines Onkels

Der Sport Meines Onkels

Automatic clutch & braking system

Automatic clutch & braking system

Automatic clutch & braking system

Indicadores

Sandel Assc Toronto - Gigabit City Economic Development - January 10 2014 -...

Sandel Assc Toronto - Gigabit City Economic Development - January 10 2014 -...

Sandel Assc Toronto - Gigabit City Economic Development - January 10 2014 -...

Automatic electricity billing and tripping for non paid customers

Automatic electricity billing and tripping for non paid customers

Automatic electricity billing and tripping for non paid customers

Help! My Hadoop doesn't work!

Help! My Hadoop doesn't work!

Help! My Hadoop doesn't work!

Practicas 1,2 y 3

Practicas 1,2 y 3

Practicas 1,2 y 3

A Robust Model for Thegrowth of the Nigerian Population

A Robust Model for Thegrowth of the Nigerian Population

A Robust Model for Thegrowth of the Nigerian Population

Similar to Android security analysis of a single sign-on mechanism for distributed computer networks

Security analysis of a single sign on mechanism for distributed computer netw...

Security analysis of a single sign on mechanism for distributed computer netw...

Security analysis of a single sign on mechanism for distributed computer netw...

Ecway Technologies

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Final Year IEEE Projects, Final Year Projects, Academic Final Year Projects, Academic Final Year IEEE Projects, Academic Final Year IEEE Projects 2013, Academic Final Year IEEE Projects 2014, IEEE JAVA, .NET Projects, 2013 IEEE JAVA, .NET Projects, 2013 IEEE JAVA, .NET Projects in Chennai, 2013 IEEE JAVA, .NET Projects in Trichy, 2013 IEEE JAVA, .NET Projects in Karur, 2013 IEEE JAVA, .NET Projects in Erode, 2013 IEEE JAVA, .NET Projects in Madurai, 2013 IEEE JAVA, .NET Projects in Salem, 2013 IEEE JAVA, .NET Projects in Coimbatore, 2013 IEEE JAVA, .NET Projects in Tirupur, 2013 IEEE JAVA, .NET Projects in Bangalore, 2013 IEEE JAVA, .NET Projects in Hydrabad, 2013 IEEE JAVA, .NET Projects in Kerala, 2013 IEEE JAVA, .NET Projects in Namakkal, IEEE JAVA, .NET Image Processing, IEEE JAVA, .NET Face Recognition, IEEE JAVA, .NET Face Detection, IEEE JAVA, .NET Brain Tumour, IEEE JAVA, .NET Iris Recognition, IEEE JAVA, .NET Image Segmentation, Final Year JAVA, .NET Projects in Pondichery, Final Year JAVA, .NET Projects in Tamilnadu, Final Year JAVA, .NET Projects in Chennai, Final Year JAVA, .NET Projects in Trichy, Final Year JAVA, .NET Projects in Erode, Final Year JAVA, .NET Projects in Karur, Final Year JAVA, .NET Projects in Coimbatore, Final Year JAVA, .NET Projects in Tirunelveli, Final Year JAVA, .NET Projects in Madurai, Final Year JAVA, .NET Projects in Salem, Final Year JAVA, .NET Projects in Tirupur, Final Year JAVA, .NET Projects in Namakkal, Final Year JAVA, .NET Projects in Tanjore, Final Year JAVA, .NET Projects in Coimbatore, Final Year JAVA, .NET Projects in Bangalore, Final Year JAVA, .NET Projects in Hydrabad, Final Year JAVA, .NET Projects in Kerala, Final Year JAVA, .NET IEEE Projects in Pondichery, Final Year JAVA, .NET IEEE Projects in Tamilnadu, Final Year JAVA, .NET IEEE Projects in Chennai, Final Year JAVA, .NET IEEE Projects in Trichy, Final Year JAVA, .NET IEEE Projects in Erode, Final Year JAVA, .NET IEEE Projects in Karur, Final Year JAVA, .NET IEEE Projects in Coimbatore, Final Year JAVA, .NET IEEE Projects in Tirunelveli, Final Year JAVA, .NET IEEE Projects in Madurai, Final Year JAVA, .NET IEEE Projects in Salem, Final Year JAVA, .NET IEEE Projects in Tirupur, Final Year JAVA, .NET IEEE Projects in Namakkal, Final Year JAVA, .NET IEEE Projects in Tanjore, Final Year JAVA, .NET IEEE Projects in Coimbatore, Final Year JAVA, .NET IEEE Projects in Bangalore, Final Year JAVA, .NET IEEE Projects in Hydrabad, Final Year JAVA, .NET IEEE Projects in Kerala, Final Year IEEE MATLAB Projects, Final Year Projects, Academic Final Year Projects, Academic Final Year IEEE MATLAB Projects, Academic Final Year IEEE MATLAB Projects 2013, Academic Final Year IEEE MATLAB Projects 2014, IEEE MATLAB Projects, 2013 IEEE MATLAB Projects, 2013 IEEE MATLAB Projects in Chennai, 2013 IEEE MATLAB Projects in Trichy, 2013 IEEE MATLAB Projects in Karur, 2013 IEEE MATLAB Projects in Erode, 2013 IEEE MATLAB Projects in Madurai, 2013 IEEE MATLAB

Android security analysis of a single sign-on mechanism for distributed comp...

Android security analysis of a single sign-on mechanism for distributed comp...

Android security analysis of a single sign-on mechanism for distributed comp...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Ecway Technologies

IJRET : International Journal of Research in Engineering and Technology is an international peer reviewed, online journal published by eSAT Publishing House for the enhancement of research in various disciplines of Engineering and Technology. The aim and scope of the journal is to provide an academic medium and an important reference for the advancement and dissemination of research results that support high-level learning, teaching and research in the fields of Engineering and Technology. We bring together Scientists, Academician, Field Engineers, Scholars and Students of related fields of Engineering and Technology

Survey on cloud computing security techniques

Survey on cloud computing security techniques

Survey on cloud computing security techniques

eSAT Publishing House

Abstract Cloud computing is one of the emerging technology in computer science field. It provides various services and resources, still enterprises are disinclined to invest their business in cloud computing. It is because of security issues it has. There are different service models in cloud computing and threats to security also have different. The characteristics that are must be ensured while thinking about data security in cloud computing are integrity, availability and confidentiality. In this paper we are surveying some of the Intrusion Detection and Prevention Systems (IDPS) and comparing them regarding their ability to provide data security. Keywords— Cloud Security, cloud computing, data security, IDPS

Survey on cloud computing security techniques

Survey on cloud computing security techniques

Survey on cloud computing security techniques

In a distributed system, authentication protocols are the basis of security to ensure that these protocols function properly. Passwords are one of the most common authentication protocol used nowadays. Because of low entropy of passwords makes the systems vulnerable to password guessing attacks. This paper presents a simple scheme that strengthens password-based authentication protocols and helps prevent dictionary attacks, replay attacks and man in the middle attacks etc., The proposed scheme presents a new password authentication protocol by using the user and server system identification/serial number. Here there is no possibility to store the user passwords so an attacker who gets the password cannot use it directly to gain immediate access and compromise security.

AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD

AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD

AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD

Distributed network act as core part to access the various services which are available in the network. But the security related to distributed network is main concern. In this paper single sign-on SSO mechanism is introduced which gives access to all services by allowing to sign on only once by users. In this mechanism once user logs in to the Trusted Authority Center TAC then application or services which are register to trusted center will automatically verifies the user’s credentials details and these credentials like password or digital signature will be only one for all applications or services. Unlike all other previous mechanisms where in, if user wants to have access multiple services then for every service distinct user credentials (username, password) must be required. SSO act as single authentication window to user for admittance multiple service providers in networks. Previously introduced technique based SSO technology proved to be secure over well-designed SSO system, but fails to provide security during communication. So here emphasis is given on authentication as open problem and on to refining the already proposed SSO process. And to do this along with RSA algorithm which was used in previous SSO process, we will be using MAC algorithm, which is intended to provide secured pathway for communication over distributed network.TAC i.e. Trusted Authority Center is used for sending token integrated with private and shared public key to user.

Efficient and Secure Single Sign on Mechanism for Distributed Network

Efficient and Secure Single Sign on Mechanism for Distributed Network

Efficient and Secure Single Sign on Mechanism for Distributed Network

Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...

Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...

Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...

Pvrtechnologies Nellore

Physical Layer Essay

Physical Layer Essay

Physical Layer Essay

Jenny Richardson

— in distributed computing environment, Mobile agents are mobile autonomous processes which operate on behalf of users (e.g., the Internet). These applications include a specialized search of a middleware services such as an active mail system, large free-text database, electronic malls for shopping, and updated networking devices. Mobile agent systems use less network bandwidth, increase asynchrony among clients and servers, dynamically update server interfaces and introduce concurrency. Due to software components, security of mobile agent is essential in any mobile agent based application. Security services such as Confidentiality, Integrity, Authentication, Authorization and Non-Repudiation are discussed and combat with by the researchers. This work is proposing a new technique for access control area of security for the mobile agents and it will be implemented using an example of shopping cart data sharing for multiple levels.

APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL

APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL

APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL

International Journal of Technical Research & Application

J0704055058

Final report ethical hacking

Final report ethical hacking

Final report ethical hacking

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Dotnet toward a statistical framework for source anonymity in sensor networks

Dotnet toward a statistical framework for source anonymity in sensor networks

Dotnet toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Paper1_Final

Employment Feedback by Securing Data using Anonymous Authentication

Employment Feedback by Securing Data using Anonymous Authentication

Employment Feedback by Securing Data using Anonymous Authentication

Paper id 35201568

Paper id 35201568

Paper id 35201568

AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...

AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...

AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...

Similar to Android security analysis of a single sign-on mechanism for distributed computer networks (20)

Security analysis of a single sign on mechanism for distributed computer netw...

Security analysis of a single sign on mechanism for distributed computer netw...

Security analysis of a single sign on mechanism for distributed computer netw...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Android security analysis of a single sign-on mechanism for distributed comp...

Android security analysis of a single sign-on mechanism for distributed comp...

Android security analysis of a single sign-on mechanism for distributed comp...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Java security analysis of a single sign-on mechanism for distributed compute...

Survey on cloud computing security techniques

Survey on cloud computing security techniques

Survey on cloud computing security techniques

Survey on cloud computing security techniques

Survey on cloud computing security techniques

Survey on cloud computing security techniques

AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD

AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD

AN EFFICIENT IDENTITY BASED AUTHENTICATION PROTOCOL BY USING PASSWORD

Efficient and Secure Single Sign on Mechanism for Distributed Network

Efficient and Secure Single Sign on Mechanism for Distributed Network

Efficient and Secure Single Sign on Mechanism for Distributed Network

Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...

Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...

Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...

Physical Layer Essay

Physical Layer Essay

Physical Layer Essay

APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL

APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL

APPLICATION OF MOBILE AGENTS FOR SECURITY USING MULTILEVEL ACCESS CONTROL

J0704055058

Final report ethical hacking

Final report ethical hacking

Final report ethical hacking

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Dotnet toward a statistical framework for source anonymity in sensor networks

Dotnet toward a statistical framework for source anonymity in sensor networks

Dotnet toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Toward a statistical framework for source anonymity in sensor networks

Paper1_Final

Employment Feedback by Securing Data using Anonymous Authentication

Employment Feedback by Securing Data using Anonymous Authentication

Employment Feedback by Securing Data using Anonymous Authentication

Paper id 35201568

Paper id 35201568

Paper id 35201568

AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...

AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...

AN EFFICIENT SEMANTIC DATA ALIGNMENT BASED FCM TO INFER USER SEARCH GOALS USI...

Android security analysis of a single sign-on mechanism for distributed computer networks

1. ECWAY TECHNOLOGIES IEEE PROJECTS & SOFTWARE DEVELOPMENTS OUR OFFICES @ CHENNAI / TRICHY / KARUR / ERODE / MADURAI / SALEM / COIMBATORE CELL: +91 98949 17187, +91 875487 2111 / 3111 / 4111 / 5111 / 6111 VISIT: www.ecwayprojects.com MAIL TO: ecwaytechnologies@gmail.com SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS ABSTRACT: In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user’s credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang–Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang–Lee scheme.