SlideShare a Scribd company logo

SSO Security Analysis Distributed Networks

ecwayerode
ecwayerode
Education
1 of 1
Download to read offline
SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS ABSTRACT: In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user’s credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang–Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang–Lee scheme. ECWAY TECHNOLOGIES IEEE PROJECTS & SOFTWARE DEVELOPMENTS OUR OFFICES @ CHENNAI / TRICHY / KARUR / ERODE / MADURAI / SALEM / COIMBATORE CELL: +91 98949 17187, +91 875487 2111 / 3111 / 4111 / 5111 / 6111 VISIT: www.ecwayprojects.com MAIL TO: ecwaytechnologies@gmail.com

Recommended

Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecway Technologies
 
Security Testing
Security TestingSecurity Testing
Security TestingBOSS Webtech
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGInternational Journal of Technical Research & Application
 
Sar writingv2
Sar writingv2Sar writingv2
Sar writingv2Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...Nexgen Technology
 
SQL injection
SQL injectionSQL injection
SQL injectionRaj Parmar
 
Control cloud data access privilege and anonymity with fully anonymous attri...
Control cloud data access privilege and anonymity with fully anonymous attri...Control cloud data access privilege and anonymity with fully anonymous attri...
Control cloud data access privilege and anonymity with fully anonymous attri...LeMeniz Infotech
 
Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...Pvrtechnologies Nellore
 

Recommended

Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecway Technologies
 
Security Testing
Security TestingSecurity Testing
Security TestingBOSS Webtech
 
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGIMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKING
IMPLEMENTATION OF METHODS FOR TRANSACTION IN SECURE ONLINE BANKINGInternational Journal of Technical Research & Application
 
Sar writingv2
Sar writingv2Sar writingv2
Sar writingv2Todd Benson (I.T. SPECIALIST and I.T. SECURITY)
 
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...
CONTROL CLOUD DATA ACCESS PRIVILEGE AND ANONYMITY WITH FULLY ANONYMOUS ATTRIB...Nexgen Technology
 
SQL injection
SQL injectionSQL injection
SQL injectionRaj Parmar
 
Control cloud data access privilege and anonymity with fully anonymous attri...
Control cloud data access privilege and anonymity with fully anonymous attri...Control cloud data access privilege and anonymity with fully anonymous attri...
Control cloud data access privilege and anonymity with fully anonymous attri...LeMeniz Infotech
 
Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...Control cloud data access privilege and anonymity with fully anonymous attrib...
Control cloud data access privilege and anonymity with fully anonymous attrib...Pvrtechnologies Nellore
 
Privacy protection for role based access control in service oriented architec...
Privacy protection for role based access control in service oriented architec...Privacy protection for role based access control in service oriented architec...
Privacy protection for role based access control in service oriented architec...IJNSA Journal
 
Kurapati Suresh
Kurapati Suresh Kurapati Suresh
Kurapati Suresh Suresh Krishna
 
Lecture 1
Lecture 1Lecture 1
Lecture 1waqasahmed1988
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...JPINFOTECH JAYAPRAKASH
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorizationAlexandru Pasaila
 
Malware protection system
Malware protection systemMalware protection system
Malware protection systemseren1secugenius
 
A computational-dynamic-trust-model-for-user-authorization-docx
A computational-dynamic-trust-model-for-user-authorization-docxA computational-dynamic-trust-model-for-user-authorization-docx
A computational-dynamic-trust-model-for-user-authorization-docxPvrtechnologies Nellore
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...IEEEFINALYEARPROJECTS
 
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...IEEEGLOBALSOFTTECHNOLOGIES
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...JPINFOTECH JAYAPRAKASH
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytechnoz
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwayt
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytechnoz
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...ecwayprojects
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Ecwayt
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytechnoz
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecway2004
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytech
 
Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecwaytech
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecway2004
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwayt
 
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Pvrtechnologies Nellore
 

More Related Content

What's hot

Privacy protection for role based access control in service oriented architec...
Privacy protection for role based access control in service oriented architec...Privacy protection for role based access control in service oriented architec...
Privacy protection for role based access control in service oriented architec...IJNSA Journal
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...JPINFOTECH JAYAPRAKASH
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorizationAlexandru Pasaila
 
A computational-dynamic-trust-model-for-user-authorization-docx
A computational-dynamic-trust-model-for-user-authorization-docxA computational-dynamic-trust-model-for-user-authorization-docx
A computational-dynamic-trust-model-for-user-authorization-docxPvrtechnologies Nellore
 

What's hot (7)

Privacy protection for role based access control in service oriented architec...
Privacy protection for role based access control in service oriented architec...Privacy protection for role based access control in service oriented architec...
Privacy protection for role based access control in service oriented architec...
 
Kurapati Suresh
Kurapati Suresh Kurapati Suresh
Kurapati Suresh
 
Lecture 1
Lecture 1Lecture 1
Lecture 1
 
Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...Scalable and secure sharing of personal health records in cloud computing usi...
Scalable and secure sharing of personal health records in cloud computing usi...
 
Web authentication & authorization
Web authentication & authorizationWeb authentication & authorization
Web authentication & authorization
 
Malware protection system
Malware protection systemMalware protection system
Malware protection system
 
A computational-dynamic-trust-model-for-user-authorization-docx
A computational-dynamic-trust-model-for-user-authorization-docxA computational-dynamic-trust-model-for-user-authorization-docx
A computational-dynamic-trust-model-for-user-authorization-docx
 

Similar to SSO Security Analysis Distributed Networks

Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...IEEEFINALYEARPROJECTS
 
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...IEEEGLOBALSOFTTECHNOLOGIES
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...JPINFOTECH JAYAPRAKASH
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytechnoz
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwayt
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytechnoz
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...ecwayprojects
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Ecwayt
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytechnoz
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecway2004
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwaytech
 
Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Ecwaytech
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecway2004
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Ecwayt
 
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Pvrtechnologies Nellore
 
IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...
IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...
IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...IRJET Journal
 
A Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdfA Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdfRhonda Cetnar
 
Single sign on mechanism for distributed computing
Single sign on mechanism for distributed computingSingle sign on mechanism for distributed computing
Single sign on mechanism for distributed computingeSAT Publishing House
 
Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...IRJET Journal
 

Similar to SSO Security Analysis Distributed Networks (20)

Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...
 
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
JAVA 2013 IEEE NETWORKSECURITY PROJECT Security analysis of a single sign on ...
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...
 
Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...Security analysis of a single sign on mechanism for distributed computer netw...
Security analysis of a single sign on mechanism for distributed computer netw...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...Dotnet security analysis of a single sign-on mechanism for distributed compu...
Dotnet security analysis of a single sign-on mechanism for distributed compu...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...Android security analysis of a single sign-on mechanism for distributed comp...
Android security analysis of a single sign-on mechanism for distributed comp...
 
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
Control cloud-data-access-privilege-and-anonymity-with-fully-anonymous-attrib...
 
IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...
IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...
IRJET- Detection of Spoofing and Jamming Attacks in Wireless Smart Grid Netwo...
 
A Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdfA Review on Wireless Network Security.pdf
A Review on Wireless Network Security.pdf
 
Single sign on mechanism for distributed computing
Single sign on mechanism for distributed computingSingle sign on mechanism for distributed computing
Single sign on mechanism for distributed computing
 
Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...Authentication and Authorization for User Roles and Device for Attack Detecti...
Authentication and Authorization for User Roles and Device for Attack Detecti...
 
J0704055058
J0704055058J0704055058
J0704055058
 

More from ecwayerode

Triaxial accelerometer based fall detection method using a self-constructing ...
Triaxial accelerometer based fall detection method using a self-constructing ...Triaxial accelerometer based fall detection method using a self-constructing ...
Triaxial accelerometer based fall detection method using a self-constructing ...ecwayerode
 
Smart host microcontroller for optimal battery charging in a solar powered ro...
Smart host microcontroller for optimal battery charging in a solar powered ro...Smart host microcontroller for optimal battery charging in a solar powered ro...
Smart host microcontroller for optimal battery charging in a solar powered ro...ecwayerode
 
Remote control system of high efficiency and intelligent street lighting usin...
Remote control system of high efficiency and intelligent street lighting usin...Remote control system of high efficiency and intelligent street lighting usin...
Remote control system of high efficiency and intelligent street lighting usin...ecwayerode
 
Remote monitoring system of ecg and body temperature signals
Remote monitoring system of ecg and body temperature signalsRemote monitoring system of ecg and body temperature signals
Remote monitoring system of ecg and body temperature signalsecwayerode
 
Reduce the standby power consumption of a microwave oven
Reduce the standby power consumption of a microwave ovenReduce the standby power consumption of a microwave oven
Reduce the standby power consumption of a microwave ovenecwayerode
 
Low power wireless sensor network for building monitoring
Low power wireless sensor network for building monitoringLow power wireless sensor network for building monitoring
Low power wireless sensor network for building monitoringecwayerode
 
Land use classification using taxi gps traces
Land use classification using taxi gps tracesLand use classification using taxi gps traces
Land use classification using taxi gps tracesecwayerode
 
Intelligent household led lighting system considering energy efficiency and u...
Intelligent household led lighting system considering energy efficiency and u...Intelligent household led lighting system considering energy efficiency and u...
Intelligent household led lighting system considering energy efficiency and u...ecwayerode
 
Energy efficient wireless mac protocolsfor railway monitoring applications
Energy efficient wireless mac protocolsfor railway monitoring applicationsEnergy efficient wireless mac protocolsfor railway monitoring applications
Energy efficient wireless mac protocolsfor railway monitoring applicationsecwayerode
 
Design of an embedded speech centric interface for applications in handheld t...
Design of an embedded speech centric interface for applications in handheld t...Design of an embedded speech centric interface for applications in handheld t...
Design of an embedded speech centric interface for applications in handheld t...ecwayerode
 
Design and evaluation of a haptic computer assistant for tele-manipulation tasks
Design and evaluation of a haptic computer assistant for tele-manipulation tasksDesign and evaluation of a haptic computer assistant for tele-manipulation tasks
Design and evaluation of a haptic computer assistant for tele-manipulation tasksecwayerode
 
Automatic road crack detection and characterization
Automatic road crack detection and characterizationAutomatic road crack detection and characterization
Automatic road crack detection and characterizationecwayerode
 
Automatic calibration method for driver’s head orientation and eye movements ...
Automatic calibration method for driver’s head orientation and eye movements ...Automatic calibration method for driver’s head orientation and eye movements ...
Automatic calibration method for driver’s head orientation and eye movements ...ecwayerode
 
An embedded systems laboratory to support rapid prototyping of robotics and t...
An embedded systems laboratory to support rapid prototyping of robotics and t...An embedded systems laboratory to support rapid prototyping of robotics and t...
An embedded systems laboratory to support rapid prototyping of robotics and t...ecwayerode
 
Accessible display design to control home area networks
Accessible display design to control home area networksAccessible display design to control home area networks
Accessible display design to control home area networksecwayerode
 
A virtual touch event method using scene recognition for digital television
A virtual touch event method using scene recognition for digital televisionA virtual touch event method using scene recognition for digital television
A virtual touch event method using scene recognition for digital televisionecwayerode
 
A robot that approaches pedestrians
A robot that approaches pedestriansA robot that approaches pedestrians
A robot that approaches pedestriansecwayerode
 
Changes in the correlation between eye and steering movements indicate driver...
Changes in the correlation between eye and steering movements indicate driver...Changes in the correlation between eye and steering movements indicate driver...
Changes in the correlation between eye and steering movements indicate driver...ecwayerode
 
Towards the implementation of io t for environmental condition monitoring in ...
Towards the implementation of io t for environmental condition monitoring in ...Towards the implementation of io t for environmental condition monitoring in ...
Towards the implementation of io t for environmental condition monitoring in ...ecwayerode
 
Design and fabrication of pneumatic reciprocating water pumping system
Design and fabrication of pneumatic reciprocating water pumping systemDesign and fabrication of pneumatic reciprocating water pumping system
Design and fabrication of pneumatic reciprocating water pumping systemecwayerode
 

More from ecwayerode (20)

Triaxial accelerometer based fall detection method using a self-constructing ...
Triaxial accelerometer based fall detection method using a self-constructing ...Triaxial accelerometer based fall detection method using a self-constructing ...
Triaxial accelerometer based fall detection method using a self-constructing ...
 
Smart host microcontroller for optimal battery charging in a solar powered ro...
Smart host microcontroller for optimal battery charging in a solar powered ro...Smart host microcontroller for optimal battery charging in a solar powered ro...
Smart host microcontroller for optimal battery charging in a solar powered ro...
 
Remote control system of high efficiency and intelligent street lighting usin...
Remote control system of high efficiency and intelligent street lighting usin...Remote control system of high efficiency and intelligent street lighting usin...
Remote control system of high efficiency and intelligent street lighting usin...
 
Remote monitoring system of ecg and body temperature signals
Remote monitoring system of ecg and body temperature signalsRemote monitoring system of ecg and body temperature signals
Remote monitoring system of ecg and body temperature signals
 
Reduce the standby power consumption of a microwave oven
Reduce the standby power consumption of a microwave ovenReduce the standby power consumption of a microwave oven
Reduce the standby power consumption of a microwave oven
 
Low power wireless sensor network for building monitoring
Low power wireless sensor network for building monitoringLow power wireless sensor network for building monitoring
Low power wireless sensor network for building monitoring
 
Land use classification using taxi gps traces
Land use classification using taxi gps tracesLand use classification using taxi gps traces
Land use classification using taxi gps traces
 
Intelligent household led lighting system considering energy efficiency and u...
Intelligent household led lighting system considering energy efficiency and u...Intelligent household led lighting system considering energy efficiency and u...
Intelligent household led lighting system considering energy efficiency and u...
 
Energy efficient wireless mac protocolsfor railway monitoring applications
Energy efficient wireless mac protocolsfor railway monitoring applicationsEnergy efficient wireless mac protocolsfor railway monitoring applications
Energy efficient wireless mac protocolsfor railway monitoring applications
 
Design of an embedded speech centric interface for applications in handheld t...
Design of an embedded speech centric interface for applications in handheld t...Design of an embedded speech centric interface for applications in handheld t...
Design of an embedded speech centric interface for applications in handheld t...
 
Design and evaluation of a haptic computer assistant for tele-manipulation tasks
Design and evaluation of a haptic computer assistant for tele-manipulation tasksDesign and evaluation of a haptic computer assistant for tele-manipulation tasks
Design and evaluation of a haptic computer assistant for tele-manipulation tasks
 
Automatic road crack detection and characterization
Automatic road crack detection and characterizationAutomatic road crack detection and characterization
Automatic road crack detection and characterization
 
Automatic calibration method for driver’s head orientation and eye movements ...
Automatic calibration method for driver’s head orientation and eye movements ...Automatic calibration method for driver’s head orientation and eye movements ...
Automatic calibration method for driver’s head orientation and eye movements ...
 
An embedded systems laboratory to support rapid prototyping of robotics and t...
An embedded systems laboratory to support rapid prototyping of robotics and t...An embedded systems laboratory to support rapid prototyping of robotics and t...
An embedded systems laboratory to support rapid prototyping of robotics and t...
 
Accessible display design to control home area networks
Accessible display design to control home area networksAccessible display design to control home area networks
Accessible display design to control home area networks
 
A virtual touch event method using scene recognition for digital television
A virtual touch event method using scene recognition for digital televisionA virtual touch event method using scene recognition for digital television
A virtual touch event method using scene recognition for digital television
 
A robot that approaches pedestrians
A robot that approaches pedestriansA robot that approaches pedestrians
A robot that approaches pedestrians
 
Changes in the correlation between eye and steering movements indicate driver...
Changes in the correlation between eye and steering movements indicate driver...Changes in the correlation between eye and steering movements indicate driver...
Changes in the correlation between eye and steering movements indicate driver...
 
Towards the implementation of io t for environmental condition monitoring in ...
Towards the implementation of io t for environmental condition monitoring in ...Towards the implementation of io t for environmental condition monitoring in ...
Towards the implementation of io t for environmental condition monitoring in ...
 
Design and fabrication of pneumatic reciprocating water pumping system
Design and fabrication of pneumatic reciprocating water pumping systemDesign and fabrication of pneumatic reciprocating water pumping system
Design and fabrication of pneumatic reciprocating water pumping system
 

Recently uploaded

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13Steve Thomason
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docxPoojaSen20
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)eniolaolutunde
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdfQucHHunhnh
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeThiyagu K
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationnomboosow
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...Sapna Thakur
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpinRaunakKeshri1
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionSafetyChain Software
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxGaneshChakor2
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Celine George
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...anjaliyadav012327
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsTechSoup
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3JemimahLaneBuaron
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxSayali Powar
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room servicediscovermytutordmt
 

Recently uploaded (20)

The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13The Most Excellent Way | 1 Corinthians 13
The Most Excellent Way | 1 Corinthians 13
 
mini mental status format.docx
mini mental status format.docxmini mental status format.docx
mini mental status format.docx
 
Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)Software Engineering Methodologies (overview)
Software Engineering Methodologies (overview)
 
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
Mattingly "AI & Prompt Design: Structured Data, Assistants, & RAG"
 
1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf1029 - Danh muc Sach Giao Khoa 10 . pdf
1029 - Danh muc Sach Giao Khoa 10 . pdf
 
Measures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and ModeMeasures of Central Tendency: Mean, Median and Mode
Measures of Central Tendency: Mean, Median and Mode
 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
 
Interactive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communicationInteractive Powerpoint_How to Master effective communication
Interactive Powerpoint_How to Master effective communication
 
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
BAG TECHNIQUE Bag technique-a tool making use of public health bag through wh...
 
Student login on Anyboli platform.helpin
Student login on Anyboli platform.helpinStudent login on Anyboli platform.helpin
Student login on Anyboli platform.helpin
 
Mastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory InspectionMastering the Unannounced Regulatory Inspection
Mastering the Unannounced Regulatory Inspection
 
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"Mattingly "AI & Prompt Design: The Basics of Prompt Design"
Mattingly "AI & Prompt Design: The Basics of Prompt Design"
 
CARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptxCARE OF CHILD IN INCUBATOR..........pptx
CARE OF CHILD IN INCUBATOR..........pptx
 
Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17Advanced Views - Calendar View in Odoo 17
Advanced Views - Calendar View in Odoo 17
 
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
JAPAN: ORGANISATION OF PMDA, PHARMACEUTICAL LAWS & REGULATIONS, TYPES OF REGI...
 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
 
Introduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The BasicsIntroduction to Nonprofit Accounting: The Basics
Introduction to Nonprofit Accounting: The Basics
 
Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3Q4-W6-Restating Informational Text Grade 3
Q4-W6-Restating Informational Text Grade 3
 
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptxPOINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
POINT- BIOCHEMISTRY SEM 2 ENZYMES UNIT 5.pptx
 
9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service9548086042 for call girls in Indira Nagar with room service
9548086042 for call girls in Indira Nagar with room service
 

SSO Security Analysis Distributed Networks

  • 1. SECURITY ANALYSIS OF A SINGLE SIGN-ON MECHANISM FOR DISTRIBUTED COMPUTER NETWORKS ABSTRACT: In this paper, however, we demonstrative that their scheme is actually insecure as it fails to meet credential privacy and soundness of authentication. Specifically, we present two impersonation attacks. The first attack allows a malicious service provider, who has successfully communicated with a legal user twice, to recover the user’s credential and then to impersonate the user to access resources and services offered by other service providers. In another attack, an outsider without any credential may be able to enjoy network services freely by impersonating any legal user or a nonexistent user. We identify the flaws in their security arguments to explain why attacks are possible against their SSO scheme. Our attacks also apply to another SSO scheme proposed by Hsu and Chuang, which inspired the design of the Chang–Lee scheme. Moreover, by employing an efficient verifiable encryption of RSA signatures proposed by Ateniese, we propose an improvement for repairing the Chang–Lee scheme. ECWAY TECHNOLOGIES IEEE PROJECTS & SOFTWARE DEVELOPMENTS OUR OFFICES @ CHENNAI / TRICHY / KARUR / ERODE / MADURAI / SALEM / COIMBATORE CELL: +91 98949 17187, +91 875487 2111 / 3111 / 4111 / 5111 / 6111 VISIT: www.ecwayprojects.com MAIL TO: ecwaytechnologies@gmail.com