ICN 2020, The Nineteenth International Conference on Networks


Design and Implementation of Password less Single Sign On Authentication Mechanism

Authors:
Fatima Hussain
Rasheed Hussain
Damir Samatov
Andrey Bogatyrev
Salah Sharieh

Keywords: SSO (Single Sign-On), Passwordless, Keycloak, OAuth, OpenID Connect, Identity Server, Magic-Link, Authentication, Authorization

Abstract:
Single Sign-On (SSO) is an access control mechanism that enables a user to authenticate only once through an authentication server and then access all other available services (those related to the authentication server) without providing credentials again. Passwords are considered the most popular method for user authentication. However, password selection and management is a challenging task. In this paper, we design and implement a passwordless authentication mechanism and also present an SSO implementation using the magic-link technique. In essence, we design two passwordless SSO scenarios. In the first scenario of the proposed SSO technique, we create global and local sessions based on JSON Web Tokens (JWTs) and then grant access to services (based on JavaScript). In the second scenario, the open-source identity server framework is modified to create a session key (token) that is distributed among the connected services, and users can be authorized by using protocols such as OAuth with OpenID Connect. The proposed mechanism addresses the limitations of passwords and further scales SSO techniques across different services.

Pages: 81 to 85

Copyright: Copyright (c) IARIA, 2020

Publication date: February 23, 2020

Published in: conference

ISSN: 2308-4413

ISBN: 978-1-61208-770-2

Location: Lisbon, Portugal

Dates: from February 23, 2020 to February 27, 2020