Article: Weakest link attack on single sign-on and its case in SAML V2.0 web SSO
Title | Weakest link attack on single sign-on and its case in SAML V2.0 web SSO |
---|---|
Authors | |
Keywords | Computer Programming Languages Parallel Processing Systems Security Of Data Standards |
Issue Date | 2006 |
Publisher | Springer Verlag. The Journal's web site is located at http://springerlink.com/content/105633/ |
Citation | Lecture Notes In Computer Science (Including Subseries Lecture Notes In Artificial Intelligence And Lecture Notes In Bioinformatics), 2006, v. 3982 LNCS, p. 507-516 |
Abstract | In many of the single sign-on (SSO) specifications that support multitiered authentication, it is not mandatory to include the authentication context in a signed response. This can be exploited by the adversaries to launch a new kind of attack specific to SSO systems. In this paper, we propose the Weakest Link Attack, which is a kind of parallel session attack feasible in the above settings. Our attack enables adversaries to succeed at all levels of authentication associated with the victim user by breaking only at the weakest one. We present a detailed case study of our attack on web SSO as specified in Security Assertions Markup Language (SAML) V2.0, an OASIS standard released in March, 2005. We also suggest the corresponding repair at the end of the paper. © Springer-Verlag Berlin Heidelberg 2006. |
Persistent Identifier | http://hdl.handle.net/10722/134698 |
ISSN | 2023 SCImago Journal Rankings: 0.606 |
References |
DC Field | Value | Language |
---|---|---|
dc.contributor.author | Chan, YY | en_HK |
dc.date.accessioned | 2011-07-05T08:24:37Z | - |
dc.date.available | 2011-07-05T08:24:37Z | - |
dc.date.issued | 2006 | en_HK |
dc.identifier.citation | Lecture Notes In Computer Science (Including Subseries Lecture Notes In Artificial Intelligence And Lecture Notes In Bioinformatics), 2006, v. 3982 LNCS, p. 507-516 | en_HK |
dc.identifier.issn | 0302-9743 | en_HK |
dc.identifier.uri | http://hdl.handle.net/10722/134698 | - |
dc.description.abstract | In many of the single sign-on (SSO) specifications that support multitiered authentication, it is not mandatory to include the authentication context in a signed response. This can be exploited by the adversaries to launch a new kind of attack specific to SSO systems. In this paper, we propose the Weakest Link Attack, which is a kind of parallel session attack feasible in the above settings. Our attack enables adversaries to succeed at all levels of authentication associated with the victim user by breaking only at the weakest one. We present a detailed case study of our attack on web SSO as specified in Security Assertions Markup Language (SAML) V2.0, an OASIS standard released in March, 2005. We also suggest the corresponding repair at the end of the paper. © Springer-Verlag Berlin Heidelberg 2006. | en_HK |
dc.language | eng | en_US |
dc.publisher | Springer Verlag. The Journal's web site is located at http://springerlink.com/content/105633/ | en_HK |
dc.relation.ispartof | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) | en_HK |
dc.subject | Computer Programming Languages | en_US |
dc.subject | Parallel Processing Systems | en_US |
dc.subject | Security Of Data | en_US |
dc.subject | Standards | en_US |
dc.title | Weakest link attack on single sign-on and its case in SAML V2.0 web SSO | en_HK |
dc.type | Article | en_HK |
dc.identifier.email | Chan, YY: yychan8@hkucc.hku.hk | en_HK |
dc.identifier.authority | Chan, YY=rp00894 | en_HK |
dc.description.nature | link_to_subscribed_fulltext | en_US |
dc.identifier.doi | 10.1007/11751595_54 | en_HK |
dc.identifier.scopus | eid_2-s2.0-33745907804 | en_HK |
dc.relation.references | http://www.scopus.com/mlt/select.url?eid=2-s2.0-33745907804&selection=ref&src=s&origin=recordpage | en_HK |
dc.identifier.volume | 3982 LNCS | en_HK |
dc.identifier.spage | 507 | en_HK |
dc.identifier.epage | 516 | en_HK |
dc.identifier.eissn | 1611-3349 | - |
dc.publisher.place | Germany | en_HK |
dc.identifier.scopusauthorid | Chan, YY=7403676264 | en_HK |
dc.identifier.issnl | 0302-9743 | - |