Malmö University Publications
Planned maintenance
A system upgrade is planned for 10/12-2024, at 12:00-13:00. During this time DiVA will be unavailable.
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
Hardening SAML by Integrating SSO and Multi-Factor Authentication (MFA) in the Cloud
Edith Cowan Univ, Dept Comp Sci, Joondalup, Australia.
Malmö University, Faculty of Technology and Society (TS), Department of Computer Science and Media Technology (DVMT).ORCID iD: 0000-0003-4071-4596
Qatar Community Coll, Dept Comp Sci, Doha, Qatar.
Illinois State Univ, Sch Informat Technol, Normal, IL 61761 USA.
Show others and affiliations
2020 (English)In: 3RD INTERNATIONAL CONFERENCE ON NETWORKING, INFORMATION SYSTEM & SECURITY (NISS'20) / [ed] Mohamed, B Abdelhakim, BA Said, R Dirss, LM Alaoui, EA, ACM Digital Library, 2020, article id 56Conference paper, Published paper (Refereed)
Abstract [en]

Even though the cloud paradigm and its associated services has been adopted in various enterprise applications, there has been major issues with regard to authenticating users' critical data. Single Sign on (SSO) is a user authentication technique through which a server authenticates and allows a user to use a single aspect of login credentials, for example, to access multiple services in the cloud. Even though SSO reduces the number of logins that are needed over heterogeneous environments, the risk that might be associated with the security of SSO might be detrimental if, for example, a Man-in-the Middle (MITM) attacker manages to gain control of the SSO credentials. It is also possible to get the identity of the users who have logged into Active Directory or intranet and this identity can easily be used to log into other web-based applications, and this requires the use of the Security Assertion Mark-up Language (SAML). SAML is basically a standard that allows users to be logged into applications as per their sessions. The problem that this paper addresses is the lack of a proactive technique of hardening cloud-based SAML while combining SSO with a Multi-Factor Authentication (MFA) at the time of writing this paper. The authors have, therefore, proposed an effective approach that unifies SSO with MFA in this context. Based on the base score index conducted over Common Vulnerability Scoring System (CVSS), the architecture proves to be reliable, feasible and with better performance.

Place, publisher, year, edition, pages
ACM Digital Library, 2020. article id 56
Keywords [en]
SAML, Single sign on, Multi-Factor Authentication, CVSS
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:mau:diva-44013DOI: 10.1145/3386723.3387875ISI: 000649337600056Scopus ID: 2-s2.0-85117541419ISBN: 978-1-4503-7634-1 (print)OAI: oai:DiVA.org:mau-44013DiVA, id: diva2:1571255
Conference
3rd International Conference on Networking, Information Systems & Security, March 2020
Available from: 2021-06-22 Created: 2021-06-22 Last updated: 2024-10-01Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full textScopus

Authority records

Kebande, Victor R.

Search in DiVA

By author/editor
Kebande, Victor R.
By organisation
Department of Computer Science and Media Technology (DVMT)
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 48 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf