Evaluation of OpenID-Based Double-Factor Authentication for Preventing Session Hijacking in Web Applications

Artigo

Evaluation of OpenID-Based Double-Factor Authentication for Preventing Session Hijacking in Web Applications

2012; Academy Publisher; Volume: 7; Issue: 11 Linguagem: Inglês

10.4304/jcp.7.11.2623-2628

ISSN

1796-203X

Autores

Muhammad Asif, Nitin Kumar Tripathi,

Tópico(s)

Network Security and Intrusion Detection

Resumo

Web users often find it difficult to manage their identities (IDs) due to large number of web applications. An effective and convenient ID management system is needed to handle the problem. OpenID is one of the better solutions to manage this task on heterogeneous web applications due to its lightweight and simple protocol. However, it is quite vulnerable to session hijacking, resulting in identity theft of a particular user. In this paper, we present a modified approach, based on double authentication that minimizes the risk of session hijacking in an OpenID environment.

Ver no editor

Altmetric

PlumX

Entrar

Lembrar minha senha

Receber meu e-mail de confirmação

Evaluation of OpenID-Based Double-Factor Authentication for Preventing Session Hijacking in Web Applications