Artifacts: "Only as Strong as the Weakest Link": On the Security of Brokered Single Sign-On on the Web
User Collection PublicSingle Sign-On (SSO) is an authentication process that allows users to access multiple services with a single set of login credentials. Although SSO improves the user
experience, it poses challenges to developers to implement complex authentication protocols securely. External services, called brokers, simplify the integration of SSO.
In this paper, we shed light on the emerging brokered SSO ecosystem, focusing on the security of the newly introduced actor, the broker. We systematically evaluate the landscape of brokered SSO, uncovering significant blind spots in previous research. Our study reveals that 25% of the websites with SSO integrate brokers for authentication, an area that has not been covered by any previous research.
Through our comprehensive security evaluation, we identify three categories of threats associated with brokered SSO: (1) insufficient validation of redirect chains enabling injection attacks, (2) unauthorized data access enabling account takeovers, and (3) violations of security best current practices.
We expose vulnerabilities in over 50 brokers, compromising the security of more than 2k websites. These findings represent only a lower bound of a critical situation, underscoring the urgent need for improved security measures and protocols to safeguard the integrity of brokered SSO systems.
Works In Collection (1)
Title | Date Added | Visibility | |
---|---|---|---|
2024-10-02 | Public |