A Survey on Federated Identity Management Systems Limitation and Solutions

Aldosary, Maha; Alqahtani, Norah

doi:10.5121/ijnsa.2021.13304

Cited by 2 publications

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Unclassified

Order By: Relevance

“…Dengan semakin banyaknya aplikasi dan sumber daya yang tersedia untuk pengajar, staf, dan mahasiswa, penyediaan akses yang seamless menjadi semakin penting. Single Sign-On (SSO) dapat menjadi salah satu solusi untuk mengintegrasikan sistem yang dimiliki perguruan tinggi [3]. SSO menyediakan tempat terpusat untuk mengakses semua aplikasi dan sumber daya dengan satu username dan password.…”

Section: Pendahuluanunclassified

Evaluasi Penerapan Single Sign-on Saml Dan Oauth 2.0: Studi Pada Perguruan Tinggi Yogyakarta

Salmuasih

Setiawan

2023

JSiI

View full text Add to dashboard Cite

Dalam memutuskan strategi Single Sign-On (SSO) yang efektif, perguruan tinggi perlu memahami manfaat SSO, mengidentifikasi kebutuhan spesifik organisasi, dan memilih protokol yang akan memenuhi kebutuhan tersebut. Kontribusi penelitian ini adalah menganalisis efektifitas penerapan SSO protokol SAML dan OAuth 2.0 pada perguruan tinggi Yogyakarta. Langkah penelitian meliputi pengumpulan data, kemudian melakukan analisis penerapan protokol SAML dan OAuth 2.0 terhadap referensi yang relevan. Pengumpulan data dilakukan melalui literatur review, observasi pada domain-domain website resmi perguruan tinggi, survei, dan wawancara kepada 22 responden dari 17 Pusat IT perguruan tinggi. Dari hasil survei dan wawancara ditemukan ketidaksesuaian penerapan protokol pada 7 perguruan tinggi yang mengintegrasikan aplikasi native (desktop-based/mobile-based) dan IoT menggunakan SAML dan juga ditemukan ketidaksesuaian penerapan protokol yaitu OAuth 2.0 pada 2 perguruan tinggi. Hasil analisis menunjukkan bahwa beberapa perguruan tinggi belum menerapkan SSO secara efektif. Meskipun 60% perguruan tinggi mengklaim telah melakukan riset dalam pemilihan protokol SSO yang digunakan, namun pada praktiknya masih dijumpai penerapan SSO yang justru menambah kompleksitas permasalahan sebelumnya. Kata kunci: evaluasi, oauth 2.0, perguruan tinggi, saml, single sign-on

show abstract

Section: Pendahuluanunclassified

Evaluasi Penerapan Single Sign-on Saml Dan Oauth 2.0: Studi Pada Perguruan Tinggi Yogyakarta

Salmuasih

Setiawan

2023

JSiI

View full text Add to dashboard Cite

show abstract

“…According to Aldosary and Norah (2021), the four main FIDM components include: A user is a person who acquires a specific digital identity to interact with some services. The user agent or user interface is a software application or browser that allows users to interact with the services they require. The service provider (SP) site is an entity that offloads authentication to a third party. SP can also be called relying party (RP) as it relies on external identity authorization entities (i.e., IdP) to decide access to its services. The identity provider (IdP) is an entity that identifies users that later enables SPs to authorize user accesses based on their identities. …”

Section: Federated Idmmentioning

confidence: 99%

“…Simpson (2016) conducted a systematic FIDM security analysis survey, which categorizes security incidents that occur in FIM protocols to specify the FIDM problem landscape. Aldosary and Norah (2021) provided a comparison between FIdM architectures such as liberty alliance, security assertion markup language SAML v2.0, WS-Federation, Shibboleth, and so forth to summarize the FIDM limitations based on how it affects the user. In Simpson (2016), the author not only reviews a comprehensive attack surface of attacks in FIDM, but also models the escalation of attacks, that is, how attacks on one stakeholder can cause possible attacks on other stakeholders.…”

Section: Introductionmentioning

confidence: 99%

A comparative cyber risk analysis between federated and self-sovereign identity management systems

Le,

Epiphaniou,

Maple

2023

Data & Policy

View full text Add to dashboard Cite

Self-sovereign identity (SSI) is an emerging and promising concept that enables users to control their identity while enhancing security and privacy compared to other identity management (IDM) approaches. Despite the recent advancements in SSI technologies, federated identity management (FIDM) systems continue to dominate the IDM market. Selecting an IDM to implement for a specific application is a complex task that requires a thorough understanding of the potential external cyber risks. However, existing research scarcely compares SSI and FIDM from the perspective of these external threats. In response to this gap, our article provides an attack surface analysis focused solely on external threats for both systems. This analysis can serve as a reference to compare the relevant security and privacy risks associated with these external threats. The threat landscapes of external attackers were systematically synthesized from the main components and functionalities of the common standards and designs. We further present a use case analysis that applies this attack surface analysis to compare the external cyber risks of the two systems in detail when managing cross-border identity between European countries. This work can be particularly useful for considering a more secure design for future IDM applications, taking into account the landscape of external threats.

show abstract

A Survey on Federated Identity Management Systems Limitation and Solutions

Cited by 2 publications

References 0 publications

Evaluasi Penerapan Single Sign-on Saml Dan Oauth 2.0: Studi Pada Perguruan Tinggi Yogyakarta

Evaluasi Penerapan Single Sign-on Saml Dan Oauth 2.0: Studi Pada Perguruan Tinggi Yogyakarta

A comparative cyber risk analysis between federated and self-sovereign identity management systems

Contact Info

Product

Resources

About