Zakaria, Nur Haryani and Mat Nayan, Nadia Hasidah and Mohamad Tahir, Hatim and Katuk, Norliza and Mohammed, Abubakar (2017) The requirement model for improved openID single Sign-On (SSO) authentication to thwart phishing attack. Advanced Science Letters, 23 (6). pp. 5410-5414. ISSN 1936-6612

Full text not available from this repository. (Request a copy)

Abstract

The problem of password memorability among users has led to the introduction of Single Sign-On (SSO) authentication. It enables users to login using a set of username and password which then allows an access into multiple websites without the hassle of repeating the same usernames and passwords. One of the most common SSO protocol is OpenID which is said to offer flexibility and security. Unfortunately, the existing OpenID model is prone to phishing attack whereby there is a lack of mechanism to ensure the authenticity of the OpenID provider. This scenario complicates the situation especially when there exists tools to generate phishing attacks are easily available without requiring much technical expertise. Moreover, users awareness are claimed to be insufficient to rely on since statistics of phishing attacks are shown to be increasing. Thus, this research attempts to propose page token as a mechanism to thwart phishing attack. This research produced and evaluated an improved requirement model that incorporates the page token as proposed mechanism. The outcomes show promising result towards the effort of thwarting phishing attacks.

Item Type:	Article
Uncontrolled Keywords:	OpenID Protocol; Page Token; Phishing Attack; Single Sign-On (SSO); Unified Modeling Language (UML)
Subjects:	Q Science > QA Mathematics > QA75 Electronic computers. Computer science
Divisions:	School of Computing
Depositing User:	Mrs. Norazmilah Yaakub
Date Deposited:	28 Feb 2019 03:16
Last Modified:	28 Feb 2019 03:16
URI:	https://repo.uum.edu.my/id/eprint/25683

Actions (login required)

View Item