Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A roadmap for ensuring SAML authentication using Identity server for on- premises and cloud
Luleå University of Technology, Department of Computer Science, Electrical and Space Engineering.
2019 (English)Independent thesis Advanced level (degree of Master (Two Years)), 20 credits / 30 HE creditsStudent thesis
Abstract [en]

Cloud-based applications especially SaaS applications have become essential for startups and various sized businesses. Adapting to these web applications helps to reduce operational costs and further provide flexibility in accessing individual data of the users. On the other hand, usage of these cloud services poses security-related issues such as authentication, authorization, web application security. Additionally, if the on-premises application is moved to the cloud then the traditional Identity solutions will not work, which affects the user authentication. This thesis considers ‘Authentication’ as one of the main security issues to be addressed. Thus, a new federated Identity and Access Management (IAM) system needs to be realized, which can be used for both on-premises and cloud to authenticate users correctly and securely. To meet the described challenges within the cybersecurity domain, this thesis focuses on two aspects of IT Security: 1) SaaS application rely on IAM; 2) IAM for securely authenticating users. This thesis work addresses both these aspects in two parts. First, by developing a SaaS web application that includes an authentication module with the support of the SAML 2.0 standard protocol. Second, the use of open source WSO2 IAM server for authenticating the users securely. To implement a SaaS application, a play framework PAC4j security library is used to support SAML SSO profile for authenticating users. The profile provides functionality for the two scenarios: SAML- Service provider and SAML- Identity Provider. The developed SaaS application acts as a service provider while WSO2 identity server acts as an Identity Provider. The SAML request-response authentication workflow between these providers are verified to prove the correctness and security of user login information. The research presented in this thesis is helpful for startup companies, that are initially looking to minimize application cost that works both on-premises and cloud without compromising on the security of user’s login information.

Place, publisher, year, edition, pages
2019. , p. 70
Keywords [en]
SAML, IDP, IAM, Identity server, SP
National Category
Computer Systems
Identifiers
URN: urn:nbn:se:ltu:diva-73988OAI: oai:DiVA.org:ltu-73988DiVA, id: diva2:1316547
External cooperation
Storigo AB, Luleå
Subject / course
Student thesis, at least 30 credits
Educational program
Information Security, master's level (120 credits)
Presentation
2018-06-15, Adobe connect, Luleå University of Technology, Luleå, 10:00 (English)
Supervisors
Examiners
Available from: 2019-05-21 Created: 2019-05-19 Last updated: 2019-05-21Bibliographically approved

Open Access in DiVA

fulltext(3224 kB)26 downloads
File information
File name FULLTEXT01.pdfFile size 3224 kBChecksum SHA-512
946afcc4b60ecdea6106d9fbfb1c16bba0698be26cac94b59a363aaee287fce889e8bea2b58c153b675ccd2d272b7373fda7d7fdba86df9c3f5cced4356fa91d
Type fulltextMimetype application/pdf

Search in DiVA

By author/editor
Kodam, Triveni
By organisation
Department of Computer Science, Electrical and Space Engineering
Computer Systems

Search outside of DiVA

GoogleGoogle Scholar
Total: 26 downloads
The number of downloads is the sum of all downloads of full texts. It may include eg previous versions that are now no longer available

urn-nbn

Altmetric score

urn-nbn
Total: 50 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf