TY  - JOUR
T1  - Development of TOTP Verifier and Proxied Authenticator to Enable Strong Authentication in Identity Federation
AU  - Jo, Jinyong 
AU  - Kim, Seung-Hae 
AU  - Cho, Buseung 
JO  - The Journal of Korean Institute of Communications and Information Sciences
PY  - 2023
DA  - 2023/1/14
DO  - 10.7840/kics.2023.48.10.1277
KW  - SAML
KW  - Federated Single Sign-On
KW  - One-Time Password
KW  - Data Protection
KW  - Identity Protection
AB  - Multi-factor authentication (MFA) is crucial in single sign-on environments to mitigate the risk of security breaches caused by leaked or weak passwords. In federated single sign-on, the low availability of MFA from identity providers imposes significant restrictions on user access to online services that require it. Additionally, if an identity provider supports MFA but does not comply with standards, it can be challenging for online services to verify whether the identity provider has performed MFA. This paper presents a proxied authenticator that conducts MFA as a substitute for identity providers, along with a TOTP verifier that can be integrated within identity providers. Finally, the developed TOTP verifier and proxied authenticator are implemented in the federated single sign-on environment to assess their adherence to software requirements including cost-effectiveness, security, availability, and compatibility with standards.