A Performant and Secure Single Sign-On System Using Microservices

被引：0

作者：

Moghaddam, Mahyar T. ^{[1
]}

Pedersen, Andreas Edal ^{[1
]}

Bolding, William Walter Lillebroe ^{[2
]}

Worm, Torben ^{[1
]}

机构：

[1] Univ Southern Denmark, Odense, Denmark

[2] VIA Univ Coll, Aarhus, Denmark

来源：

38TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2023 | 2023年

关键词：

Empirical Software Engineering; Microservices; Single Sign-On; Performance; Security;

D O I：

10.1145/3555776.3577869

中图分类号：

TP39 [计算机的应用];

学科分类号：

081203 ; 0835 ;

摘要：

The Single Sign-On (SSO) method eases the authentication and authorization process. The solution substantially impacts the users' experience since they only need to authenticate once to access multiple services without re-authenticating. This paper adopts an incremental prototyping approach to develop an SSO system. The research reveals that while SSO improves users' quality of experience, it could imply performance and security issues if traditional architectures are adopted. Thus, a Microservices-based approach with containerization is subsequently proposed to overcome SSO's quality issues in practice. The SSO system is containerized using Docker and managed using Docker Compose. The results show a significant performance and security improvement.

引用

页码：1516 / 1519

页数：4

共 50 条

[21] Single Sign-On Under Quantum Cryptography
Dai, Guiping
Wang, Yong
[J]. INTERNATIONAL JOURNAL OF THEORETICAL PHYSICS, 2014, 53 (01) : 188 - 193
[22] Web services single sign-on protocol and formal analysis on it
Zheng, DX
Tang, SH
Li, SF
[J]. JOURNAL OF CIRCUITS SYSTEMS AND COMPUTERS, 2005, 14 (05) : 923 - 930
[23] Single Sign-On Assistant: An Authentication Broker for Web Applications
Zhu, Fei
Diao, Hongjun
[J]. THIRD INTERNATIONAL CONFERENCE ON KNOWLEDGE DISCOVERY AND DATA MINING: WKDD 2010, PROCEEDINGS, 2010, : 146 - 149
[24] Implementation of a single sign-on system between practice, research and learning systems
Purkayastha, Saptarshi
Gichoya, Judy W.
Addepally, Siva Abhishek
[J]. APPLIED CLINICAL INFORMATICS, 2017, 8 (01): : 306 - 312
[25] NFC Based Mobile Single Sign-On Solution as a Chrome Extension
Celikkan, Ufuk
Gelis, Can
[J]. 2014 11TH INTERNATIONAL CONFERENCE ON SECURITY AND CRYPTOGRAPHY (SECRYPT), 2014, : 337 - 343
[26] A Taxonomy Model for Single sign-on Oriented towards Cloud Computing
Batista, Glauber C.
Pillon, Mauricio A.
Koslovski, Guilherme P.
Miers, Charles C.
Simplicio Jr, Marcos A.
Gonzalez, Nelson M.
[J]. CLOSER: PROCEEDINGS OF THE 8TH INTERNATIONAL CONFERENCE ON CLOUD COMPUTING AND SERVICES SCIENCE, 2018, : 573 - 581
[27] A centralized cookie-based single sign-on in distributed systems
Chalandar, Maryarri Eslami
Darvish, Parviz
Rahmani, Amir Masoud
[J]. MEDIA CONVERGENCE: MOVING TO THE NEXT GENERATION, 2007, : 163 - 165
[28] Using Smart Card to Achieve a Single Sign-on for Multiple Cloud Services
Hwang, Min-Shiang
Sun, Tsuei-Hung
[J]. IETE TECHNICAL REVIEW, 2013, 30 (05) : 410 - 416
[29] A Single Sign-On Mechanism with RBAC in Cloud Environment
Wu, Mei-Yu
Chang, Shih-Fang
Wu, Yi-Jheng
[J]. MULTIMEDIA AND UBIQUITOUS ENGINEERING, 2014, 308 : 323 - 328
[30] THE STUDY OF MULTI-LEVEL AUTHENTICATION-BASED SINGLE SIGN-ON SYSTEM
Ying, Niu
Yao, Zhao
Hua, Zou
[J]. PROCEEDINGS OF 2009 2ND IEEE INTERNATIONAL CONFERENCE ON BROADBAND NETWORK & MULTIMEDIA TECHNOLOGY, 2009, : 448 - 452

← 1 2 3 4 5 →