Identifier Migration for Identity Continuance in Single Sign-On

Abstract

Single sign-on (SSO) is an identity management technique that lets users access multiple Web services with one set of credentials. However, when the authentication server is down or unavailable, users cannot access these Web services, even when the services themselves are operating normally. Therefore, it is important to enable continuous use alongside SSO. In this paper, we present an identity continuance method for SSO. First, we explain four such continuance methods and identify their limitations and problems. Second, we propose a new solution based on an identifier migration approach that meets the requirement for identity continuance. Finally, we discuss these methods from the viewpoint of continuity, security, efficiency, and feasibility.

Share and Cite:

Y. Kakizaki, K. Maeda and K. Iwamura, "Identifier Migration for Identity Continuance in Single Sign-On," Journal of Information Security, Vol. 3 No. 4, 2012, pp. 307-313. doi: 10.4236/jis.2012.34037.

Conflicts of Interest

The authors declare no conflicts of interest.

Copyright © 2024 by authors and Scientific Research Publishing Inc.

This work and the related PDF file are licensed under a Creative Commons Attribution 4.0 International License.