Developing a Single Sign-On System - A Java-based authentication platform aimed at the web.

Examensarbete för masterexamen

Please use this identifier to cite or link to this item: https://hdl.handle.net/20.500.12380/117173
Download file(s):
File Description SizeFormat 
117173.pdfFulltext967.15 kBAdobe PDFView/Open
Type: Examensarbete för masterexamen
Master Thesis
Title: Developing a Single Sign-On System - A Java-based authentication platform aimed at the web.
Authors: Jernevad, Henrik
Abstract: A typical computer user today, spends a lot of her time on the Web. As a part of this, she often needs to type her username and password at a dozen different sites or more every day. To cope with this, users typically choose simple passwords or reuse a few ones. This lowers the security of the system and increases the risk of an attacker being able to compromise the user’s account(s). The goal of this thesis is to build a so called single sign-on system which solves these problems. The result is NaviBase, a system based on the Java technology stack, which uses the Security Assertion Markup Language to provide single sign-on services to applications and users. The system consists of two primary components; NaviBase, the server component which holds all information and processes requests; and SamlLib, a slimmed-down implementation of the SAML protocol. In retrospect, a focus on sound development principles and using well known design patterns proved successful and preliminary security auditing suggest the system is sufficiently secure. On the flip side, much time was spent on unplanned activities and the system is somewhat hurt by a lack of focus on usability.
Keywords: Programvaruteknik;Software Engineering
Issue Date: 2009
Publisher: Chalmers tekniska högskola / Institutionen för data- och informationsteknik (Chalmers)
Chalmers University of Technology / Department of Computer Science and Engineering (Chalmers)
URI: https://hdl.handle.net/20.500.12380/117173
Collection:Examensarbeten för masterexamen // Master Theses



Items in DSpace are protected by copyright, with all rights reserved, unless otherwise indicated.