Research On Security Optimization Of Cross-Browser Cookie Mechanism Of SSO System

Posted on: 2018-03-01
Degree: Master
Type: Thesis
Country: China
Candidate: P Gao
Full Text: PDF
GTID: 2428330596954802
Subject: Computer Science and Technology
Abstract/Summary:
With the continuous development of information technology, enterprises run more and more internal systems. For a single business task, a user sometimes has to access multiple systems and enter a username and password many times. This is inconvenient for the user, and frequently entering a username and password can easily lead to disclosure of user information, which also exposes the systems to security risks. The appearance of single sign-on (SSO) systems gave a very good solution to this problem and greatly eased the integration of enterprise business resources.

This thesis first introduces the current research and development status of SSO technology at home and abroad, analyzes the architecture and basic principles of SSO, and, drawing on practical application, analyzes a defect of SSO technology: poor support for cross-browser operation. Then, by studying the SSO cookie mechanism, we find the reason for SSO technology's poor cross-browser support. Finally, we propose a cross-browser solution for SSO: using the Flash Cookie mechanism to replace the original cookie mechanism, and building a cross-browser SSO system.

This thesis then studies the security of the Flash Cookie mechanism, analyzes its security shortcomings, and puts forward an optimization scheme for these defects. The user identity information originally stored in the Flash Cookie is instead stored in the server cache, by establishing a mapping relationship on the SSO server side, and a unique, unforgeable token that has a mapping relationship with the user information is stored in the Flash Cookie to improve the encryption of Flash Cookie information. At the same time, the SSO server monitors user actions in real time to determine whether the user is offline; if the user is offline, the system immediately clears the information in the Flash Cookie, reducing the time that information is stored in the Flash Cookie and improving the security of Flash Cookie information.

Finally, this thesis implements a cross-browser SSO system. Starting from the system framework, the system functions and the system database are designed. We then implement a safe and stable cross-browser SSO system with three modules: a unified authentication platform, an entrance system, and the integration of enterprise business systems. Afterwards, we test the functions and security performance of the cross-browser SSO system and analyze the test results. The functions designed have better stability, and the security of this system has been greatly improved over other SSO systems.
Keywords/Search Tags: SSO, Cross-browser, Flash Cookie, Security
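
The optimization described in the abstract (identity kept in the SSO server cache, only an opaque token in client-side storage, mapping dropped once the user is judged offline) is shown below as an added example, not code from the thesis. The class and method names, the 15-minute idle timeout, token generation with Python's `secrets` module, and keying the cache by a SHA-256 digest are assumptions; the example invalidates the token on the server and does not model clearing the client's copy.

```python
import hashlib
import secrets
import time

IDLE_TIMEOUT = 900  # seconds; assumed value, the abstract gives none


class TokenStore:
    """Server-side cache: opaque token -> user identity (hypothetical names)."""

    def __init__(self, idle_timeout=IDLE_TIMEOUT, clock=time.monotonic):
        self._sessions = {}          # sha256(token) -> [identity, last_seen]
        self._idle_timeout = idle_timeout
        self._clock = clock

    @staticmethod
    def _key(token):
        # Keep only a digest so a dump of the cache does not yield live tokens.
        return hashlib.sha256(token.encode()).hexdigest()

    def issue(self, identity):
        """Store the identity server-side; return the only value the client keeps."""
        token = secrets.token_urlsafe(32)   # 256 bits from the OS CSPRNG
        self._sessions[self._key(token)] = [dict(identity), self._clock()]
        return token

    def resolve(self, token):
        """Return the identity for a live token, or None if unknown or expired."""
        key = self._key(token)
        entry = self._sessions.get(key)
        if entry is None:
            return None
        identity, last_seen = entry
        if self._clock() - last_seen > self._idle_timeout:
            del self._sessions[key]          # user treated as offline
            return None
        entry[1] = self._clock()             # activity refreshes the idle window
        return identity

    def revoke(self, token):
        """Explicit logout: drop the mapping so the stored token is useless."""
        return self._sessions.pop(self._key(token), None) is not None

    def sweep(self):
        """Purge idle sessions; returns how many were removed."""
        now = self._clock()
        dead = [k for k, (_, seen) in self._sessions.items()
                if now - seen > self._idle_timeout]
        for k in dead:
            del self._sessions[k]
        return len(dead)
```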