Hybrid Single Sign-On Protocol for Lightweight Devices

摘要

As the dependency on Internet is increasing, the service providers are launching numerous web applications to facilitate the users. Due to threat of unauthorized access they want to identify their users accurately. In the same way, leakage of sensitive information makes clients aware enough to make sure whom they are dealing with. This leads to the requirement of a Centralized Authentication System(CAS). The involvement of CAS introduces the single sign on capability at client side. Once the individual proves his identity to the CAS, it will be assured to all those services that trust on CAS. There are several existing solutions like Kerberos and SAML. This paper introduces a single sign-on protocol which combines the protocol architecture of Kerberos with the functionality of SAML. Finding the deficits in the SAML architecture we try to improve it by adapting strong protocol architecture. As a proof of concept, we study the formal analysis of the proposed security protocol through different tools like CASPER and SCYTHER.