Security Enhancement of Single Sign on Mechanism for Distributed Computer Networks
Single sign-on mechanisms allow users to sign on only once and have their identities automatically verified by each application or service they want to access afterwards. There are few practical and secure single sign-on models, even though it is of great importance to current distributed application environments. Most of current application architectures require the users to memorize and utilize a different set of credentials (e.g. username/password or tokens) for each application they want to access. However, this approach is inefficient and insecure with the exponential growth in the number of applications and services a user has to access both inside corporative environments and at the Internet.