Internati onal Journal of Innovations & Advancement in Computer Science

IJ IACS
ISSN 2347 8616
Volume 4, Issue 6
June 2015

SSO Mechanism in Distributed Environment

Vinay Kumar Ande, Hitesh Mohapatra
Asst .Prof(Computer Engg)
Sanjivani Collage of Engineering,
Kopargaon, Savitribai Phule, Pune University
Abstract
Wired network work with physical spectacle and then the
information assemble is processed to get applicable
results. Method is based on centralized approach. If
Service provider is affected at any causes the Whole
process will be failed. To overcome this problem, secure
mechanism is used. Secure and Distributed mechanism
consists of five phases: Method initialization phase, user
identification phase, hacking phase, recovering phase,
security analysis. If client login to service provider it can
access the multiple services. Hacking is main issue for
accessing multiple services in SSO mechanism.
Impersonation attack means the challenger successfully
attempts to identify one of the genuine parties to takeoff
various attacks. To solve this problem the single sign on
mechanism (SSO) have been proposed.
Keywords
Network Security, Wired networks, Secure and
Distributed mechanism, Single Sign on Mechanism
(SSO).

I.
Introduction
A wired network [1] [4] [5] is a computer networks
composed of distributed environment in different
locations. Wired networks can be used in newscast
arrangements. The use of wired linkage needs
limited energy and computational facility.
Distributed wired contain self-organizing and selfhealing networks. This network allows a new node
to join the network with the help of Authenticated
server. SSO Mechanism contains five phases:
system initialization phase, user identification
phase, hacking phase, recovering phase, security
analysis. Attack will perform on system on the basis
of password and user name of User. To overcome
the impersonation attack single sign on Mechanism
can be used with the security mechanism. The user
contains multiple username and password for
retrieving the different services from service
provider [2]. But in single sign on mechanism only
need single username and password for accessing
the different services from service provider. Except
the authorized person or admin, even a non-trusted
authority and service providers are not able to forge
valid records for a new user. Attacker is the
unauthorized party when trying to access the any
services from service provider then systems

133

Vinay Kumar Ande, Hitesh Mohapatra

monitors those users and block that user for that

session only. Credential privacy guarantees that
untrusted authority should not be able to
impersonate the trusted party and also does not
recover the user details. ChangLee scheme [3] is
insecure by two attacks, i.e. Denial of service attack
and SQL injection attack without identifications.
In the recovery attack, a malicious service provider
who has communicated with a legal user twice can
successfully recover the users credential. The
malicious service provider can impersonate the user
to access the services and then the services can
provide by other service providers. These two
attacks can imply that the ChangLee SSO scheme
fails to meet soundness and credential privacy,
which are essential requirements for SSO schemes
and authentication. We also can identify the faults
in their security arguments to explain why it is
possible to mount our attacks against their scheme.
Finally, to avoid these two attacks, propose an
improved SSO scheme to improve the user
authentication phase. To this end, we employ the
efficient RSA-based algorithm to secure
communication between users criterions. There are
no analogous attacks in the SSO, and this is also the
first time of using RSA to design an SSO scheme,
to the best of our knowledge.
II. Preliminaries
A. Existing Method
Secure and Distributed Reprogramming Protocol
(SDRP) is used. In distributed reprogramming
mechanism multiple authorized network users can
simultaneously and directly reprogram sensors
nodes without the involvement of base station.
Secure and Distributed Reprogramming Protocol
(SDRP) consists of three phases: Method
initialization phase, user pre-processing phase, and
sensor
node
verification
phase.
Method
Initialization Phase: The network owner creates a
private and public key and assigns the
reprogramming privileges. User Pre-processing
phase: If network owner enters a WSN and has a
new code image and paradigm the reprogramming
packets. Sensor node confirmation phase: If packet
Confirmation passes. The node accepts the code

Internati onal Journal of Innovations & Advancement in Computer Science

IJ IACS
ISSN 2347 8616
Volume 4, Issue 6
June 2015

image. An characteristic design weakness in the

user preprocessing phase of SDRP is well-known
such that the node is weak to an impersonation
attack. Impersonation attack means the adversary
successfully attempts to identify one of the real
parties to launch various attacks. To solve this
problem the single sign on mechanism have been
proposed B. Proposed Method Chang and Lees
single sign-on scheme is a distant user
authentication method, supporting user secrecy and
session token establishment. In their scheme, RSA
algorithms are used to initialize an authorized user,
called as a service providers and (SSO) Single Sign
on Mechanism. The token are established using the
mac and ip address. In the ChangLee scheme,
individual person can apply a valid top from the
authorized user SSO; RSA signature is used for the
identification of the user to check the user details.
The service providers can support its
communication by using token. The SSO (Single
Sign On) scheme consists of a five phases: system
initialization, registration p, and user identification.
Method Initialization phase: The trusted person
SSO selects a two prime numbers p and q. After
that, SSO fixes its RSA. SSO chooses a generator,
where is also a large prime number. Attacker hack
that method than recover that attack by using
security analysis. Finally, SSO issues, keeps as a
secret, and erases immediately once this phase has
been finished.
B. Single Sign On Mechanisms
SSO (Single Sign-On) is which single user that
enters single username and password to access the
several services. The process is authenticating to the
user for accessing different services during a
particular session. SSO is a skill for a user to enter
the same username and password to log on to the
accessing multiple services. As passwords is an
apparatus for the protected authentication, a single
sign on has now become also known as an
(Reduced Sign On) RSO. Single Sign On
mechanism is a property of access control of many
related but free software methods. Single Sign On
mechanism are used to reduce the username and
password fault for accessing different services for
single user and password groupings, and also falling
the time disbursed for re-entering passwords for the
same user identity.

Fig 1.Single Sign on Mechanism

134

Vinay Kumar Ande, Hitesh Mohapatra

C. User Identification Phase

In the user documentation phase only authorized
user can access the services in this check detailed of
the user and deliver access for authorized user.
Suppose user request services from service
provider, service provider deliver message which is
made up by RSA on algorithm. Once this
authentication is validated, it means that user has
authenticated person then service provider deliver
services successfully. To access the services of a
service provider, user can need to go through the
authentication phase. If users request for services
then service provider can conform identification.
After that the authentication server generates the
token temporarily. Once u close the process there is
needed to reenter the user name and password,
cause your session are stationary.
D. Attacks against the Single Sign on
Mechanism.
The single sign on is actually not a secure SSO
scheme because there may be possibility of hacking
of data. The first attack, an SQL-injection attack
and denial of service attack to identify like as an
behavior of trusted party and copy the details in a
method or in a communications protocol and make
use of services offered by service providers. The
attacker can violate the requirement of soundness
for an SSO scheme and thus successfully
impersonate a legal user without holding a valid
credential. The ChangLee scheme as a malicious
service provider is able to recover the credential of
a legal user. In real life, these attacks may be both
users and service providers at high risk.
E. Recovering Attack
Single sign on scheme specifies that is not trusted
parties can try to access the services. So, that this
implies the client could be malicious and are not
trusted parties. The users token against a malicious
service, the work also decides indirectly that there is
the potential for attacks from the malicious service
providers against a Single Sign on (SSO) schemes.
In fact, single sign on mechanism are supposed to
be a trusted, to classify user can just monitor and
block that user for the current session only. In fact,
such a mechanism is more efficient, much simpler
and has better security.
F. Security Analysis
The security of the better SSO scheme by fixing on
the security of the user authentication part,
particularly credential privacy and reliability due to
two reasons. On the one hand, the security of
service provider authentication is confirmed by the
enforceability of the secure scheme and the

Internati onal Journal of Innovations & Advancement in Computer Science

IJ IACS
ISSN 2347 8616
Volume 4, Issue 6
June 2015

enforceability of the credential is guaranteed by the

enforceability of RSA algorithm, chosen by each
service provider.

Fig 2.Security Analysis

III. Method Architecture
The distributed network users or multiple users can
register the username and password in single sign
on mechanism (SSO).that SSO mechanism can
provide the secret token to the users .Any provider
or social network i.e. they also register with SSO
mechanisms. If user can securely access the
network with single username and password. For
example: in Gmail user have one username and
password, likewise yahoo, twitter, fb user have
same username but using different password. In
SSO mechanism provide only one username and
password.

Fig 4.Admin login

2. When authorized client accesses the services then
there is unauthorized user who uses its own string
and hack the method.

Fig 5.Unauthorized user

3. Admin monitoring the method when it found the
illegal user which accesses the services then admin
block that user for that session.

Fig 6.Admin monitoring

4. When admin observe that illegal user then admin
block that user for that session then unauthorized
user fail to access the services
Fig 3.Method Architecture
IV. RESULT
1. There is a two login one for admin second for
user. When admin login to method then monitoring
spoofing as well as register for employee and when
user login then access different services.

135

Vinay Kumar Ande, Hitesh Mohapatra

Fig 7.Authentication failed

Internati onal Journal of Innovations & Advancement in Computer Science

IJ IACS
ISSN 2347 8616
Volume 4, Issue 6
June 2015

V. CONCLUSION
The existing method determine the
two attacks The first attack, is an impersonation
attack, to identify like as an behavior of trusted
party and copy the details in a method or in a
communications and make use of services
obtainable by service providers. The attacker can
interrupt the requirement of for an SSO scheme and
thus successfully impersonate a legal user without
holding a valid recommendation. The other attack,
the credential recovering attack compromises the
credential privacy in the ChangLee scheme as a
malicious service provider is able to recover the
credential of a legal user. In real life, these attacks
may be both users means intruder and outsider at
high risk. In proposed method using Single Sign On
mechanisms can be used. By using Single user
name and password to access the different services
with SQL injection and denial of service attacks
perform on system then system identifies that attack
block that user for that session only. Using RSA
technique to encode and decrypt the message and to
securely
access
the
authenticated
and
communicated with a user .With the help of secure
socket layer to protect the message from attacker.
The result is to provide high security without any
attack

136

Vinay Kumar Ande, Hitesh Mohapatra

REFERENCES
1.

2.

3.

4.

5.

M. Cheminod, A. Pironti, and R. Sisto, Formal

vulnerability analysis of a security method for
remote fieldbus access,IEEE Trans. Ind. Inf.,vol. 7,
no. 1, pp. 3040, Feb. 2011.
D. G. Zhang and X. J. Kang, A novel image denoising method based on spherical coordinates
method, EURASIP J. Adv. Signal Process, vol. 1,
p. 110, 2012.
H.-M . Sun, Y.-H. Chen and Y.-H. Lin, oPass: A
user authentication protocol resistant to password
stealing and password reuse attacks,IEEE Trans.
Inf. Forensics Security, vol. 7, no. 2, pp. 651 663,
Apr.2012.
Daojing He and Laurence T. Yang, Security
Analysis and Improvement of a Secure and
Distributed Reprogramming Protocol for Wireless
Sensor Networks, IEEE transactions on parallel and
distributed methods, vol. 60, no. 11, November
2013.
Kasim Sinan Yildirim and Aylin Kantarci, Time
Synchronization Based on Slow-Flooding in
Wireless Sensor Networks, IEEE transactions on
parallel and distributed methods, vol. 25, no. 1,
January 2014.