A Performant and Secure Single Sign-On System Using Microservices

被引:0
|
作者
Moghaddam, Mahyar T. [1 ]
Pedersen, Andreas Edal [1 ]
Bolding, William Walter Lillebroe [2 ]
Worm, Torben [1 ]
机构
[1] Univ Southern Denmark, Odense, Denmark
[2] VIA Univ Coll, Aarhus, Denmark
来源
38TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2023 | 2023年
关键词
Empirical Software Engineering; Microservices; Single Sign-On; Performance; Security;
D O I
10.1145/3555776.3577869
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
The Single Sign-On (SSO) method eases the authentication and authorization process. The solution substantially impacts the users' experience since they only need to authenticate once to access multiple services without re-authenticating. This paper adopts an incremental prototyping approach to develop an SSO system. The research reveals that while SSO improves users' quality of experience, it could imply performance and security issues if traditional architectures are adopted. Thus, a Microservices-based approach with containerization is subsequently proposed to overcome SSO's quality issues in practice. The SSO system is containerized using Docker and managed using Docker Compose. The results show a significant performance and security improvement.
引用
收藏
页码:1516 / 1519
页数:4
相关论文
共 50 条
  • [1] Secure Single Sign-on Schemes Constructed from Nominative Signatures
    Wang, Jingquan
    Wang, Guilin
    Susilo, Willy
    2013 12TH IEEE INTERNATIONAL CONFERENCE ON TRUST, SECURITY AND PRIVACY IN COMPUTING AND COMMUNICATIONS (TRUSTCOM 2013), 2013, : 620 - 627
  • [2] Secure Cross-Cloud Single Sign-On (SSO) using eIDs
    Zwattendorfer, Bernd
    Tauber, Arne
    2012 INTERNATIONAL CONFERENCE FOR INTERNET TECHNOLOGY AND SECURED TRANSACTIONS, 2012, : 150 - 155
  • [3] A Security Research on Single Sign-On System Based on CAS
    Zhang Xiao-yin
    Chen Guo-sheng
    2011 INTERNATIONAL CONFERENCE ON COMPUTER APPLICATION AND EDUCATION TECHNOLOGY (ICCAET 2011), 2011, : 209 - 212
  • [4] Design on a Single Sign-On Scheme
    Lei, Wen
    Liang, Xingjian
    Zhang, Hong
    ADVANCES IN SCIENCE AND ENGINEERING, PTS 1 AND 2, 2011, 40-41 : 531 - 536
  • [5] Single sign-on using dusted platforms
    Pashalidis, A
    Mitchell, CJ
    INFORMATION SECURITY, PROCEEDINGS, 2003, 2851 : 54 - 68
  • [6] Using GSM/UMTS for Single Sign-On
    Pashalidis, A
    Mitchell, C
    SYMPOTIC'03: JOINT IST WORKSHOP ON MOBILE FUTURE & SYMPOSIUM ON TRENDS IN COMMUNICATIONS, PROCEEDINGS, 2003, : 138 - 145
  • [7] Using EMV cards for single sign-on
    Pashalidis, A
    Mitchell, CJ
    PUBLIC KEY INFRASTRUCTURE, PROCEEDINGS, 2004, 3093 : 205 - 217
  • [8] A secure two-factor authentication scheme for single sign-on services
    Brasee, Kaleb
    Makki, S. Kami
    Zeadally, Sherali
    SECURITY AND COMMUNICATION NETWORKS, 2009, 2 (04) : 315 - 323
  • [9] Design of single sign-on
    Zhao, G
    Zheng, D
    Chen, KF
    PROCEEDINGS OF THE IEEE INTERNATIONAL CONFERENCE ON E-COMMERCE TECHNOLOGY FOR DYNAMIC E-BUSINESS, 2004, : 253 - 256
  • [10] A user-centric federated single sign-on system
    Suriadi, Suriadi
    Foo, Ernest
    Josang, Audun
    JOURNAL OF NETWORK AND COMPUTER APPLICATIONS, 2009, 32 (02) : 388 - 401
12345