Hershey, Pennsylvania

New York, New YorkBeijing, China

Special Offers
- Emerging Topic e-Book Collections
  Acquire highly focused and affordable Cutting-Edge Peer-Reviewed Research Content through a selection of 20 topic-focused e-Book Collections discounted up to 90%, compared to list prices. Collection topics include Artificial Intelligence, Data Science, Language Learning, Marketing and Customer Relations, Sustainability, and many more. Hosted on the InfoSci^® platform, these collections feature no DRM, no additional cost for multi-user licensing, no embargo of content, full-text PDF & HTML format, and more.
  Learn More
- Open Access Book (Free Access) - Encyclopedia of Information Science and Technology, Sixth Edition (ISBN: 9781668473665)
  The Encyclopedia of Information Science and Technology, Sixth Edition) continues the legacy set forth by the first five editions by providing comprehensive coverage and up-to-date definitions of the most important issues, concepts, and trends pertaining to technological advancements and information management within a variety of settings and industries. The entire book is being published under open access.
  Read Now
- Open Access Book (Free Access) - Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries (ISBN: 9781668456293)
  Food Sustainability, Environmental Awareness, and Adaptation and Mitigation Strategies for Developing Countries provides information on the recent technology, mitigation, and environmental protection that must be applied for food sustainability in developing countries. This book is being published under Platinum Open Access through funding from Diponegoro University, Indonesia.
  Read Now
- Open Access Book (Free Access) - New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY (ISBN: 9781668438091)
  The Walmart Corporation and the Lumina Foundation have provided funding to make New Models of Higher Education: Unbundled, Rebundled, Customized, and DIY fully open access, completely removing any paywall between scholars in education and the latest research on new models for the future of higher education.
  Read Now
- Open Access Book (Free Access) - Handbook of Research on the Global View of Open Access and Scholarly Communications (ISBN: 9781799898054)
  Through a collaboration between IGI Global Scientific Publishing and the University of North Texas, the Handbook of Research on the Global View of Open Access and Scholarly Communications has been published as fully open access, completely removing any paywall between researchers of any field, and the latest research on the equitable and inclusive nature of Open Access and all of its complications.
  Read Now
Books
- - Books by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education & Social Sciences
  - Books by Field
Journals
- - Journals
  - OnDemand Journal Articles
  - Journals by Subject
  - Business, Administration, & Management
  - Scientific, Technical, & Medical (STM)
  - Education & Social Sciences
  - Journals by Field
e-Collections
OnDemand
Open Access
- View All Open Access Opportunities
  Search across all available IGI Global Scientific Publishing open access publishing opportunities to unleash your research potential.
  Find an Open Access Journal for Your Next Manuscript
  Search across all available IGI Global Scientific Publishing open access publishing opportunities to unleash your research potential.
  Submit an Open Access Book Proposal
  Learn more about open access book publishing and how it can propel your research forward in the field.
  Convert Your Work to Open Access
  Already published? You can convert your work to open access to increase its impact through the IGI Global Scientific Publishing Restrospective Open Access Program.
  Utilize Open Access Collection Database
  Open up your research potential by utilizing our open access content or integrating the open access collection into your library
  Consider Open Access Agreements
  For Libraries: consider no-cost or investment-level open access agreements with IGI Global Scientific Publishing to support your faculty's research endeavors.
  Search Funding Resources
  Looking for additional funding resources to support your open access endeavors? View industry resources compiled by our open access team.
  Review Open Access Policies & Ethical Guidelines
  Considering IGI Global Scientific Publishing to publish your work under open access? Review the IGI Global Scientific Publishing open access policies and ethical guidelines
Publish with Us
Resources
- - Instructors
  - Course Adoption
  - Teaching Cases
  - K-12 Online Learning Collection
  - Authors and Editors
  - eEditorial Discovery^® System
  - Peer Review Process
  - Ethics and Malpractice
  - COPE Membership
  - Fair Use Policy
  - Open Access Publishing
  - FAQ
Catalogs
About Us

Recent Developments in Simplified Sign-On

Kevin Curran (University of Ulster, UK), Jennifer Caldwell (University of Ulster, UK), Declan Walsh (University of Ulster, UK), and Marcella Gallacher (University of Ulster, UK)

Source Title: Digital Business Security Development: Management Technologies

DOI: 10.4018/978-1-60566-806-2.ch003

OnDemand:

(Individual Chapters)

Available

$37.50

Current Special Offers

No Current Special Offers

Abstract

Authentication is the process of determining whether a user is to be granted access and verifying that they are whom they claim to be. This is generally done via a login system; typically consisting of a user ID and a corresponding password. An intrinsic weakness of this system of authentication is that passwords are easily forgotten, accidentally revealed, can be second guessed, or even stolen. Users today have multiple email accounts; manage their financial affairs, buy, and even sell regularly online. Many sites offer the opportunity to sign up. This can be problematic for managing usernames and passwords and it encourages insecure practices, such as writing them down, storing them electronically, or reusing the same login data on multiple Web sites repeatedly. One of the most common online security issues faced today is that every Web site has its own diverse authentication system that significantly heightens the probability of online crime, such as fraud and identity theft and, furthermore, can compromise the privacy of the individual. A common network identity-verification method is Simplified Sign-On, which allows users to roam between sites without having to repeatedly enter identifying information. Privacy of user’s information should be maintained, as only relevant details are passed on to other sites. A number of organizations are already taking Simplified Sign-On on board and have had successful outcomes using this type of system. Some companies, such as Microsoft Passport, have used a Single Sign-On password system but they have had security and privacy issues after the launch. The future for most, if not all, users may be a secure and private single logon to access different sites and accounts on the Internet via Simplified Sign-On. This paper discusses Simplified Sign-On in more detail.

Chapter Preview

Top

Introduction

Plain old authentication can be defined in many ways but perhaps the simplest and most relevant definition to most computer users is a security measure for checking a network user's identity. Even in today’s world of digital certificates and biometrics, authentication most typically takes the form of a username and password. Figure 1 shows a standard authentication process. Note that this is Basic authentication, wherein the Web server prompts for a username and password. Other common Web authentication types are Anonymous (no authentication required) and Integrated (currently logged in authentication details automatically checked to see if the user can access the resource). Simplified Sign-On is the concept of allowing users to move from one Web site to another on the Web without having to enter identifying information numerous times (see Figure 2). A person would enter, for example, a username and password, at the start of a network session, and this authentication information would be automatically passed to each Web site they visit thereafter. A network session might be when a user connects to the Internet or opens a Web browser. The rationale behind Simplified Sign-On is obvious; the growth of the Web has led to people having to manage a host of usernames and passwords for Web sites. An average Web user now shops online, pursues hobbies online, manages their bank accounts online, and communicates online using email, instant messaging and photo-sharing (Perry, 2006). The list is lengthy and almost all of these require authentication, usually in the form of a username and password. For many users, a single sign-on would be welcome. Listed below are some of the obvious benefits of Simplified Sign-On.

Figure 1.

Authentication on the Web

Figure 2.

Simplified Sign-On on the Web

•
More convenient for the user as they have to remember only one username and password.
•
Security issues reduced as the user should not have to write down the one username/password.
•
With only one authentication system, there is less chance of having the password stolen.
•
As the user has to logon only once, there is faster access to different sites.
•
There should be a continuous link to different sites.
•
The system is managed centrally.

As well as speed and convenience, Simplified Sign-On also offers improved security. Web users no longer have to remember and manage countless logons (making them more vulnerable to fraud) and organizations have less responsibility for the security and privacy of peoples’ authentication (and personal) information. The balkanization of today’s online identity-verifying systems is a big part of the Internet’s fraud and security crisis. Improving and maintaining people’s trust in the internet is critical to its survival as a useful, thriving entity (Talbot, 2006). Also, if authentication is consolidated in one session or authority, Web users only need to share their personal information once instead of giving numerous copies of that information to multiple third parties. This means greater privacy for users and less risk of personal information being accessed. Many companies have already encountered these issues on an organizational scale; workers use numerous systems and have to manage authentication for each of them. This causes a lot of inconvenience to users, I.T. resources are wasted resetting passwords and administering user accounts, and security can be compromised by users writing down usernames and passwords because they cannot remember them. As a result, many organizations have implemented Simplified Sign-On that allows workers (or students, or customers) to log in once, in order to access all the systems they use. Scaling up this kind of solution to something as vast and heterogeneous as the Web is a challenge.

Complete Chapter List

Search this Book:

Reset

MLA

APA

Chicago

Export Reference

Recent Developments in Simplified Sign-On

Abstract

Introduction

Complete Chapter List