A Performant and Secure Single Sign-On System Using Microservices

被引:0
|
作者
Moghaddam, Mahyar T. [1 ]
Pedersen, Andreas Edal [1 ]
Bolding, William Walter Lillebroe [2 ]
Worm, Torben [1 ]
机构
[1] Univ Southern Denmark, Odense, Denmark
[2] VIA Univ Coll, Aarhus, Denmark
来源
38TH ANNUAL ACM SYMPOSIUM ON APPLIED COMPUTING, SAC 2023 | 2023年
关键词
Empirical Software Engineering; Microservices; Single Sign-On; Performance; Security;
D O I
10.1145/3555776.3577869
中图分类号
TP39 [计算机的应用];
学科分类号
081203 ; 0835 ;
摘要
The Single Sign-On (SSO) method eases the authentication and authorization process. The solution substantially impacts the users' experience since they only need to authenticate once to access multiple services without re-authenticating. This paper adopts an incremental prototyping approach to develop an SSO system. The research reveals that while SSO improves users' quality of experience, it could imply performance and security issues if traditional architectures are adopted. Thus, a Microservices-based approach with containerization is subsequently proposed to overcome SSO's quality issues in practice. The SSO system is containerized using Docker and managed using Docker Compose. The results show a significant performance and security improvement.
引用
收藏
页码:1516 / 1519
页数:4
相关论文
共 50 条
  • [31] Grid single sign-on in CCLRC
    Jensen, Jens
    Spence, David
    Viljoen, Matthew
    PROCEEDINGS OF THE UK E-SCIENCE ALL HANDS MEETING 2006, 2006, : 273 - +
  • [32] Proposal of Delegation Using Electronic Certificates on Single Sign-On System with SAML-Protocolac
    Komura, Takaaki
    Nagai, Yasuhiro
    Hashimoto, Shoichi
    Aoyagi, Makiko
    Takahashi, Kenji
    2009 9TH ANNUAL INTERNATIONAL SYMPOSIUM ON APPLICATIONS AND THE INTERNET, 2009, : 235 - +
  • [33] Efficient and Secure Time-Key Based Single Sign-On Authentication for Mobile Devices
    Odelu, Vanga
    Das, Ashok Kumar
    Choo, Kim-Kwang Raymond
    Kumar, Neeraj
    Park, Youngho
    IEEE ACCESS, 2017, 5 : 27707 - 27721
  • [34] From Multiple Credentials to Browser-Based Single Sign-On: Are We More Secure?
    Armando, Alessandro
    Carbone, Roberto
    Compagna, Luca
    Cuellar, Jorge
    Pellegrino, Giancarlo
    Sorniotti, Alessandro
    FUTURE CHALLENGES IN SECURITY AND PRIVACY FOR ACADEMIA AND INDUSTRY, 2011, 354 : 68 - +
  • [35] CAS++: An open source single sign-on solution for secure e-services
    Ardagna, Claudio Agostino
    Damiani, Ernesto
    Di Vimercati, Sabrina De Capitani
    Frati, Fulvio
    Samarati, Pierangela
    SECURITY AND PRIVACY IN DYNAMIC ENVIRONMENTS, 2006, 201 : 208 - +
  • [36] From multiple credentials to browser-based single sign-on: Are we more secure?
    DIST, Università degli Studi di Genova, Italy
    不详
    不详
    不详
    不详
    IFIP Advances in Information and Communication Technology, (68-79):
  • [37] Single Sign-On Under Quantum Cryptography
    Guiping Dai
    Yong Wang
    International Journal of Theoretical Physics, 2014, 53 : 188 - 193
  • [38] An Improved Scheme of Single Sign-on Protocol
    Jian, Yang
    FIFTH INTERNATIONAL CONFERENCE ON INFORMATION ASSURANCE AND SECURITY, VOL 1, PROCEEDINGS, 2009, : 495 - 498
  • [39] Single sign-on for Java Web Start applications using MyProxy
    National Center for Supercomputing Applications, 1205 W. Clark St., Urbana, IL 61801, United States
    ACM SIGSAC, 1600, 95-101 (2006):
  • [40] CHARACTERIZATION OF WEB SINGLE SIGN-ON PROTOCOLS
    Beltran, Victoria
    IEEE COMMUNICATIONS MAGAZINE, 2016, 54 : 24 - 30
12345