A General and Flexible Access-Control System for the Web
Proceedings of the 11th USENIX Security Symposium
Establishing and protecting digital identity in federation systems
Journal of Computer Security - The First ACM Workshop on Digital Identity Management -- DIM 2005
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Trust Negotiation in Identity Management
IEEE Security and Privacy
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Performance analysis of a cross-layer SSO mechanism for a roaming infrastructure
Journal of Network and Computer Applications
Cookies: A deployment study and the testing implications
ACM Transactions on the Web (TWEB)
Integrative security management for web-based enterprise applications
WAIM'05 Proceedings of the 6th international conference on Advances in Web-Age Information Management
SSO password-based multi-server authentication protocol
International Journal of Communication Networks and Distributed Systems
Authentication session migration
NordSec'10 Proceedings of the 15th Nordic conference on Information Security Technology for Applications
Simplified authentication and authorization for RESTful services in trusted environments
ESOCC'12 Proceedings of the First European conference on Service-Oriented and Cloud Computing
| Hi-index | 0.00 |
The proliferation of web applications forces users to manage multiple user names and passwords daily. Various single sign-on solutions that depend upon PKI, Kerberos, or password-store have been proposed, but they require client side infrastructure and new administrative steps. Single sign-on in a web based intranet environment can be achieved using http cookies. This paper analyses cookie security issues and proposes a cookie based single sign-on architecture.