Journal of Communication Engineering & Systems

Abstract

Analyzing the security of FIdM is a challenging task, on one hand due to the various modes and options that the protocols provide, and on the other hand due to the inherent complexity of the web. A thorough understanding of the security vulnerabilities is required to remodel a stable and secure authentication system. In this paper the challenges and requirements of securing the exchange of information between enterprises have been reported. The goal of this work is to provide an in-depth security analysis of FIdM protocols. The major FIdM protocols SAML, OpenID and OAuth have been discussed. A narrative of the major security attacks and flaws in existing Federated Identity Management have been presented.  The paper explores solutions to resolve the security issues reported in existing FIdM and defines a number of possible countermeasures.

Keywords: Federated Identity Management, SAML, OAuth, OpenID, Server Side Request Forgery, Denial-of-Service, Phishing attacks

Cite this Article

Gargi Amoli, Manish Kala,Jitendra Chaurasia. A Comprehensive Security Analysis of Federated Identity Management. Journal of Communication Engineering & Systems. 2017; 7(1): 11–16p.