A proposal of a method for evaluating third-party authentication services

Typ
Examensarbete för masterexamen
Master Thesis
Program
Publicerad
2011
Författare
Stenbäcka, Erik
Josefsson, Erik
Modellbyggare
Tidskriftstitel
ISSN
Volymtitel
Utgivare
Sammanfattning
The security field is a highly studied area of knowledge, since the consequences of failing can be catastrophic; if an external user accesses information or function she should not be able to access. Third-party authentication is a growing concept that tries to remedy the problem of users having to register at most websites they want to access. With an account at a third-party authentication service a user can access all websites that support the third-party service without having to register there. While this seems like a good architecture are the capabilities and limitations of third-party services not well understood and there are no common protocols for authenticating users. This master thesis aims at increasing the knowledge about these services by reviews current literature in the field in order to define a method for evaluating third-party authentication services. Furthermore, in the scope of the thesis is to explore the possibility of circumventing the problem that there is no common protocol for authenticating users by creating a plug-in based authentication solution that utilizes third-party authentication services for user authentication. An evaluation method that tries to to capture the essential aspects of third-party user authentication is proposed. In addition a proof-of-concept implementation of the previously mentioned plug-in based authentication solution is implemented to show that it is possible to circumvent the described problem.
Beskrivning
Ämne/nyckelord
Information Technology , Informationsteknik
Citation
Arkitekt (konstruktör)
Geografisk plats
Byggnad (typ)
Byggår
Modelltyp
Skala
Teknik / material
Index