mailto:uumlib@uum.edu.my 24x7 Service; AnyTime; AnyWhere

A page token prototype of OpenID single sign-on (SSO) to thwart phishing attack

Zakaria, Nur Haryani and Wan Yaacob, Wan Mohd Yusoff and Katuk, Norliza and Mohamad Tahir, Hatim and Omar, Mohd Nizam (2016) A page token prototype of OpenID single sign-on (SSO) to thwart phishing attack. Journal of Telecommunication, Electronic and Computer Engineering, 8 (10). pp. 59-66. ISSN 2180-1843

[thumbnail of JTEC 8 10 2016 59 66.pdf]
Preview
PDF
Available under License Creative Commons Attribution.

Download (1MB) | Preview

Abstract

Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability issue by enabling the users to login once using a set of username and password that allows an access into multiple websites.Among several SSO protocol, OpenID is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack due to lack of countermeasures to ensure authenticity of OpenID provider. In view of the proliferation of phishing attack that exposed users to fraud website, information theft and unauthorized disclosure, this study attempts to identify and propose a suitable countermeasure in order to thwart phishing attack in OpenID environment. Therefore, this study intends to develop a prototype that implements Page Token in order to mitigate phishing attack.The findings revealed that the Page Token is possible to minimize the potential risk of phishing attack.

Item Type: Article
Uncontrolled Keywords: OpenID; Page Token; Phishing Attack; Single Sign-On (SSO);
Subjects: Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions: School of Computing
Depositing User: Mrs. Nur Haryani Zakaria
Date Deposited: 04 Jan 2017 01:48
Last Modified: 04 Jan 2017 01:48
URI: https://repo.uum.edu.my/id/eprint/20534

Actions (login required)

View Item View Item