The Security Limitations of SSO in OpenID

As the Internet becomes a way of social life, there are lots of accounts which a user has to manage. To receive the web service, people have to register each web site. It is the OpenID to resolve these burdensome. The OpenID provides the Single Sign-On service which a user can be authenticated in several web sites by submitting the password of OpenID to authentication server only once. In this paper, the authors analyze the Single Sign-On in OpenID and show an experiment of vulnerability of OpenID.