Logout in Single Sign-on Systems

Abstract : Single sign-on (SSO) helps users to cope with many online services that require authentication. Systems such as OpenID and SAML-based Shibboleth offer federated identity management where an Identity Provider authenticates the user on behalf of the services. Much research concentrates on making authentication stronger, preventing phishing and making the systems more user friendly but less attention has been paid to the termination of the authentication sessions i.e. logout. It is, however, equally important that the sessions do not remain open when, for example, a student using shared computers in a university library leaves the workstation. In this article, we describe challenges related to logout in federated identity management on web based services and give guidelines for implementing reliable logout from services that use single sign-on.
Type de document :
Communication dans un congrès
Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.147-160, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_14〉
Liste complète des métadonnées

Littérature citée [24 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01470498
Contributeur : Hal Ifip <>
Soumis le : vendredi 17 février 2017 - 14:48:39
Dernière modification le : vendredi 17 février 2017 - 15:16:31
Document(s) archivé(s) le : jeudi 18 mai 2017 - 14:57:15

Fichier

978-3-642-37282-7_14_Chapter.p...
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Sanna Suoranta, Asko Tontti, Joonas Ruuskanen, Tuomas Aura. Logout in Single Sign-on Systems. Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.147-160, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_14〉. 〈hal-01470498〉

Partager

Métriques

Consultations de la notice

121

Téléchargements de fichiers

513