International Journal for Technological Research in Engineering (IJTRE)
Single Sign-On (SSO) is an authentication mechanism which enables an authorized user with a onetime credential to be authenticated by many service providers in a scattered computer system. This paper proposed a SSO mechanics that claimed its certificate by providing well-organized protection arguments. The old SSO system is actually unsafe as it fails to meet credential secrecy and soundness of certification. Specifically, the project presents the following impersonation attacks. The firstly attack allows a vicious service provider, who has successfully communicated with a valid user twice, to recover the user's vicious and then to impersonate the user to access resources and services offered by service provider.