Research Article
Assessment of Secure OpenID-Based DAAA Protocol for Avoiding Session Hijacking in Web Applications
Table 1
Assessment of the proposed protocol model with existing OpenID model.
| OpenID Methods | Login any PC/Laptop (Any/Own) | Security (Safe/ Unsafe) | Price | Trust |
| Preventing Session Hijacking [26] | Any (Verisign labs Personal Identity Portal used for the experiment) | Partially Safe (Double Authentication) | Free | Medium |
| Anti-phishing OpenID Solution [1] | Any | Partially Safe (Double Authentication) | Free | Medium |
| BEAMAUTH Anti-phishing solution [44] | Own (vanilla web browser) | Partially Safe (Double Authentication) | Low-cost | Low |
| OpenID Authentication Model using Trusted Computing [35] | Any | Partially safe | Low-cost | High |
| OpenID security weakness analyzed via OWASP tools [30] | Own (web browser) | Not very much Secure | Free | Low |
| Anti-phishing OpenID Page token solution [13] | Own (google console developers and salesforec.com) | Partially secure | Low-cost | Medium |
| Proposed DAAA Protocol | Any | Safe (Triple Authentication) | Free | High |
|
|
Bold observations provide best security features as compared to other OpenID methods. |