
Secure single sign-on for both secure and vulnerable web services

I'd like to know if it is possible to have a secure single sign-on across two web services of which one is more secure than the other. To be more specific, the less secure one would be a vBulletin forum and the more secure one a web service where real money is earned, withdrawn etc. For the sake of convenience for the users I would like to implement a secure single sign-on, but looking at vBulletin's security track record, especially XSS vulnerabilities, even SQL injection, I'm not sure if SSO will be a viable option if it would degrade the security of the more secure service.


It may be permissible to use a high-assurance credential to authenticate to a low-assurance system provided that long-term shared authentication secrets are not revealed to the low-assurance system (see, e.g., NIST Special Publication 800-63, Level-2 and above). This generally requires an assertion (e.g., SAML) from the Credential Service Provider to the Relying Party. The CSP, which is trusted, accepts the credential and asserts its authenticity, and possibly other attributes associated with the Subscriber, to the relying party (the application), which is not trusted. Since secret tokens associated with the credential (e.g., a password) are never sent to the relying party, a breach in that service would not provide an attacker with useful knowledge to attack the high-assurance system. There are a number of industry standards, such as OpenID and OATH, for credential federation in this manner.
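The flow this answer describes, as an added example that is not part of the original post: the trusted Credential Service Provider checks the password itself and hands the relying party only a signed, audience-scoped, short-lived assertion, so the low-assurance forum never sees the password and a breach there yields nothing usable against the high-assurance service. To stay on Python's standard library it signs with HMAC and a separate key per relying party, a stand-in for the public-key signatures that SAML and OpenID deployments use (where the relying party holds only a public key); the class names, claim names and the "forum"/"bank" identifiers are my own constructed choices.

```python
import base64
import hashlib
import hmac
import json
import secrets
import time


def _b64(data: bytes) -> str:
    return base64.urlsafe_b64encode(data).rstrip(b"=").decode("ascii")


def _unb64(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


class CredentialServiceProvider:
    """Trusted side: holds the long-term secrets (salted password hashes) and
    one signing key per relying party. Passwords never leave this class."""

    def __init__(self, now=time.time):
        self._users = {}      # username -> (salt, PBKDF2 hash)
        self._rp_keys = {}    # rp_id -> HMAC signing key (assumed per-RP key model)
        self._now = now       # injectable clock so expiry can be exercised

    @staticmethod
    def _hash(password: str, salt: bytes) -> bytes:
        return hashlib.pbkdf2_hmac("sha256", password.encode("utf-8"), salt, 100_000)

    def register_user(self, username: str, password: str) -> None:
        salt = secrets.token_bytes(16)
        self._users[username] = (salt, self._hash(password, salt))

    def register_relying_party(self, rp_id: str) -> bytes:
        key = secrets.token_bytes(32)
        self._rp_keys[rp_id] = key
        return key  # delivered to the RP once, out of band

    def authenticate(self, username: str, password: str, rp_id: str, ttl: int = 300):
        """Verify the password locally; on success return a signed assertion
        scoped to one relying party, otherwise None."""
        record = self._users.get(username)
        if record is None or rp_id not in self._rp_keys:
            return None
        salt, stored = record
        if not hmac.compare_digest(stored, self._hash(password, salt)):
            return None
        now = int(self._now())
        payload = {"iss": "csp", "sub": username, "aud": rp_id,
                   "iat": now, "exp": now + ttl, "jti": secrets.token_hex(16)}
        body = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode()
        sig = hmac.new(self._rp_keys[rp_id], body, hashlib.sha256).digest()
        return _b64(body) + "." + _b64(sig)


class RelyingParty:
    """Untrusted side (e.g. the forum): knows only its own verification key,
    never a password, so its compromise cannot forge assertions for another RP."""

    def __init__(self, rp_id: str, key: bytes, now=time.time):
        self._rp_id = rp_id
        self._key = key
        self._now = now
        self._seen_jti = set()  # replay cache; a real one would prune by exp

    def verify(self, token: str):
        """Return the asserted username, or None if the assertion is invalid."""
        try:
            body_b64, sig_b64 = token.split(".")
            body, sig = _unb64(body_b64), _unb64(sig_b64)
        except (ValueError, TypeError):
            return None
        expected = hmac.new(self._key, body, hashlib.sha256).digest()
        if not hmac.compare_digest(expected, sig):  # constant-time compare
            return None
        payload = json.loads(body)                  # only signed bodies get parsed
        for field in ("sub", "aud", "iat", "exp", "jti"):
            if field not in payload:
                return None
        now = int(self._now())
        if payload["aud"] != self._rp_id:           # issued for a different RP
            return None
        if not payload["iat"] <= now < payload["exp"]:  # not yet valid or expired
            return None
        if payload["jti"] in self._seen_jti:        # replayed assertion
            return None
        self._seen_jti.add(payload["jti"])
        return payload["sub"]


if __name__ == "__main__":
    csp = CredentialServiceProvider()
    csp.register_user("alice", "correct horse battery staple")  # constructed sample
    forum = RelyingParty("forum", csp.register_relying_party("forum"))
    bank = RelyingParty("bank", csp.register_relying_party("bank"))
    token = csp.authenticate("alice", "correct horse battery staple", "forum")
    print("forum accepts:", forum.verify(token))   # alice
    print("bank accepts forum token:", bank.verify(token))  # None
```

The checks on the relying-party side are the ones that matter for the question: the audience claim stops a forum assertion from being presented to the money service, the expiry and replay cache limit what a stolen assertion is worth, and because the forum holds no password or password hash, an XSS or SQL injection there exposes only what the forum itself stores.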


Stop inventing your own sign-on systems. Use OpenID like StackOverflow itself does. That will solve your problem neatly and your users will be hugely pleased with you for not forcing them to remember yet another password.
