Security Vulnerabilities in SAML based Single Sign-On Authentication in Cloud

Abstract

Cloud computing is introducing numerous changes to one's lifestyle and working pattern for its infinite benefits. Companies have increasingly turned to Software as a Service (SaaS) or Application Service Providers (ASPs) vendors to offer specialized web based services that have huge potential to cut costs and provide specific applications to the users in a very convenient way. However, the security of cloud computing is always a serious issue for numerous potential cloud users, and also a big roadblock for its far-flung applications. One of the major challenges remains to be an integrated authentication mechanism over cloud environments through Single Sign-On. In this paper, the authors report their work of implementing Security Assertion Markup Language (SAML) to enable Single Sign-On (SSO) based authentication in a multiple web application cloud environment. The paper also reports serious vulnerabilities prevalent in such an environment and describes a detection method for the same.