Extending a Legacy Platform Providing a Minimalistic, Secure Single-Sign-On-Library

Presented at DeepSec 2015 „DeepSec No. 9“, Nov. 20, 2015, 2 p.m. (50 minutes)

Despite decades of security research and authentication standards, there are still a vast number of systems with custom solutions and embedded user databases. Such systems are typically hard to integrate securely with others. We analysed an existing system of an organisation with approximately 12,000 sensitive user data sets and uncovered severe vulnerabilities in their approach. We developed a minimal, secure Single-Sign-On solution and demonstrated the feasibility of implementing both a minimal Identity Provider and a minimal Service Provider with only a few lines of code. We provided a simple blueprint for an Identity Provider and an easy-to-use Service Provider library. As a result, this organisation is now able to integrate arbitrary web-based systems. Moreover, others can follow the proposed approach and tailor similar solutions at low cost.


Presenters:

  • Bernhard Göschlberger, MSc MLBT BSc - Research Studios Austria FG
    Bernhard Göschlberger studied Software Engineering at the Faculty of Informatics, Communication and Media of the University of Applied Sciences Upper Austria (Campus Hagenberg) and Legal and Business Aspects in Technics at the Johannes Kepler University Linz. He is currently a PhD student in Computer Science at the Institute of Telecooperation at the Johannes Kepler University Linz. Since 2011 he has been working for the Research Studios Austria FG as a researcher in the field of technology enhanced learning.
  • Sebastian Göttfert, BSc - Research Studios Austria FG
    Sebastian Göttfert studied Business Informatics at the Johannes Kepler University Linz and deepened his knowledge in network technologies at Oxford Brookes University. Currently, he is writing his Master's thesis in Computer Science at the Institute of Telecooperation at the Johannes Kepler University Linz.
