Zakaria, Nur Haryani and Wan Yaacob, Wan Mohd Yusoff and Katuk, Norliza and Mohamad Tahir, Hatim and Omar, Mohd Nizam (2016) A page token prototype of OpenID single sign-on (SSO) to thwart phishing attack. Journal of Telecommunication, Electronic and Computer Engineering, 8 (10). pp. 59-66. ISSN 2180-1843
Preview |
PDF
Available under License Creative Commons Attribution. Download (1MB) | Preview |
Abstract
Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability issue by enabling the users to login once using a set of username and password that allows an access into multiple websites.Among several SSO protocol, OpenID is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack due to lack of countermeasures to ensure authenticity of OpenID provider. In view of the proliferation of phishing attack that exposed users to fraud website, information theft and unauthorized disclosure, this study attempts to identify and propose a suitable countermeasure in order to thwart phishing attack in OpenID environment. Therefore, this study intends to develop a prototype that implements Page Token in order to mitigate phishing attack.The findings revealed that the Page Token is possible to minimize the potential risk of phishing attack.
| Item Type: | Article |
|---|---|
| Uncontrolled Keywords: | OpenID; Page Token; Phishing Attack; Single Sign-On (SSO); |
| Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
| Divisions: | School of Computing |
| Depositing User: | Mrs. Nur Haryani Zakaria |
| Date Deposited: | 04 Jan 2017 01:48 |
| Last Modified: | 04 Jan 2017 01:48 |
| URI: | https://repo.uum.edu.my/id/eprint/20534 |
Actions (login required)
 |
View Item |