Integrating single sign-on within the WebAuthn framework

Abstract

In the world of digital identity, preserving user privacy while maintaining seamless access across platforms has become a challenge. WebAuthn, developed by World Wide Web Consortium (W3C) is mainly a web-based authentication standard. This system enhances security by enabling passwordless login through hardware-based and biometric authentication mechanisms. Another popular approach, to simplify authentication for users across the internet is Single-Sign-On (SSO) which allows a single credential to access multiple services or applications. This way users can get rid of the liability to manage multiple credentials, rather they can rely on only one credential to authenticate in a trusted manner and use that to authenticate in many other websites. Despite the potential of the SSO system, it has not been integrated with the WebAuthn framework till date. Through our research work, we have introduced a system that ensures passwordless authentication via WebAuthn and supports seamless access to service providers through SSO eliminating the requirements of repeated login. Moreover, this system empowers users with the full control over sharing their personal information by selective disclosure mechanism. Security Assertion Markup language (SAML) is used as the federated identity to exchange the authentication assertion securely between identity providers and service providers to enable seamless SSO. Thereby, introducing a new horizon of research on WebAuthn and SSO.