Please use this identifier to cite or link to this item: https://www.um.edu.mt/library/oar/handle/123456789/95813
Title: A single sign-on authentication framework for security-critical Web applications
Authors: Schembri, Bernard (2004)
Keywords: Information technology
Internet -- Security measures
Computer security
Issue Date: 2004
Citation: Schembri, B. (2004). A single sign-on authentication framework for security-critical Web applications (Bachelor's dissertation).
Abstract: As more organisations move their applications to the web, the need for secure authentication methods for security-critical applications is increasing rapidly. At the same time, many organisations cannot afford to develop their own strong authentication mechanisms and sometimes end up developing systems vulnerable to security flaws inherited from the complexity of web development technologies. In the first chapter of this report we introduce the reader to web application security with special emphasis on authentication-related issues. We show how password-based systems could easily be vulnerable to identity theft, and we also highlight common mistakes in web application development that lead to serious security issues. We produce a set of guidelines that help web developers write and test secure web applications. After stressing the need for strong authentication mechanisms to access our sensitive information online, we proceed to introduce IdentiLink - the framework developed for this final year project. IdentiLink attempts to make it easy for organisations to implement strong authentication on their web applications. The framework implements multi-factor authentication by delivering one-time passwords via SMS, taking advantage of the widespread use of mobile phones and the strong security built into GSM SIM Cards. It also implements a single sign-on mechanism that allows users to be authenticated simultaneously with a single profile across multiple affiliated Service Providers. On the other hand, web site owners can plug-in strong authentication with no programming at all. IdentiLink implements a consent-driven infrastructure, based on secure web-services, for sharing user profile attributes, with the user being in full control of which organisations have access to which data. The framework is also extensible, allowing management and reporting applications to be built on top of it.
Description: B.Sc. IT (Hons)(Melit.)
URI: https://www.um.edu.mt/library/oar/handle/123456789/95813
Appears in Collections:Dissertations - FacICT - 1999-2009
Dissertations - FacICTCS - 1999-2007

Files in This Item:
File Description SizeFormat 
BSC(HONS)IT_Schembri_Bernard_2004.pdf
  Restricted Access
14.97 MBAdobe PDFView/Open Request a copy


Items in OAR@UM are protected by copyright, with all rights reserved, unless otherwise indicated.