Figure 4 - uploaded by Amarudin Amarudin
2. Sequence Data Flow Scenario SSO Authentication 

Source publication
Conference Paper
Web application development requires applications to manage users and passwords so that accounts are not abused by unauthorized parties. Several user account security methods have been tried to solve this problem, including implementing an authentication service on a Single Sign On (SSO) network, applying Server Radius as...

Context in source publication

Context 1
... simply performs the authentication process once to gain access to all the services contained within the network. An example is the Google account, which is integrated with Google apps (Google Drive, Google Plus, Gmail, etc.). With a single login to one of the Google apps, the user is automatically logged in to the other apps. The SSO server is not different from web applications in general: its task is to handle requests and provide responses to the clients that access it. However, 99% of the SSO server's task is authentication and the processing of sessions and cookies. In addition, an SSO server must be able to handle requests and responses quickly [2]. The basic concept of SSO can be seen in Figure 3.1.

The Central Authentication Service (CAS) is an authentication system originally created by Yale University to provide a safe way for an application to authenticate a user. CAS was then implemented as an open source Java server component with client library support for Java, PHP, Perl, Apache, uPortal, and others. CAS Server is a basic framework used for SSO network security [4]. The basic concepts of CAS can be seen more clearly in Figure 3.2.

Hacking (attack) is the activity of breaking into a computer program belonging to another person or party, while hackers are the people who do the hacking and usually have the expertise to create and read a particular program and are obsessed with observing its security [6]. Sniffing is eavesdropping on data traffic on a computer network, carried out by a sniffer [6]. The testing tool used in this study is Apache Bench (AB). In addition, there is a kind of attack called spoofing, which is one of the more pernicious forms of attack on a network system [7].

Black box testing (functional testing) is a type of testing based on the functions of the program or system, where the tester (examiner) requires information about the input and output data to be observed, but does not know how the program or system works. Just as someone does not have to know how a car works internally to drive it, the tester does not need to know the internal structure of the program. In functional testing, the tester focuses on the specifics of the program. With black box testing, the tester sees the program as a black box and does not care about the internal structure of the program or system. Some examples in this category include: decision tables, equivalence partitioning, range testing, boundary value testing, database integrity testing, cause-effect graphing, orthogonal array testing, array and table testing, exception testing, limit testing, and random testing [8].

IV. DESIGN SYSTEM

The SSO network system design constructed in this study is divided into two groups of systems. The first is the CAS Server, the primary system, which is used as the authentication center. The second is the CAS Client systems, which function as session activators for the applications on the client side. The SSO network system design built in this study is described below, followed by the SSO authentication data flow scenario.

The following is an explanation of the design of a network system consisting of an Information System Web Server and a CAS Server. The overall architecture of the Single Sign On (SSO) network system in this study is described in Figure 4.1. Each user located in the client area who logs in to access a Web Server SI is immediately redirected to the CAS Server, located in the SSO Server Area, with a service address, in order to authenticate by checking whether the user is already registered in the CAS Server database. Once successfully authenticated, the user is redirected from the CAS Server back to the service address (CAS Client) and then directed to the Web Server SI (Client Area). Similarly, each user in the SSO Server Area who wants to access the Web Server SI authenticates to the CAS Server first and, once authenticated, is redirected back to the originating Web Server SI in accordance with the submitted service address.

The specification and selection of the components shown in Figure 4.1 are as follows:

1. CAS Server with the specifications Processor Intel Pentium Core 2 Duo, 4 GB RAM, 500 GB Hard Disk, with CentOS Linux OS version 6.4 (64-bit).
2. Web Server SI with the specifications Processor Intel Pentium Dual Core 1.8 GHz, 3 GB RAM, 320 GB Hard Disk, with dual boot OS (Linux OpenSUSE and Windows 7 Ultimate), which serves as the attacker computer and as the Papyrus Information System Web Server (replica).
3. Switch: TP-LINK TL-SF1016D. Port Number: 16 Port 10/100 Mbps. Media interfaces: RJ-45: 100 ohm, UTP / STP cable, 10/100 Base - EIA/TIA Categories 3 or 5 cable, and LED.
4. WiFi: 300Mbps Wireless-N Access Point TP-Link TL-WA801ND.

The design of the network system that is integrated with SSO to authenticate on the CAS Server follows the scenario described in Figure 4.2. The scenario in Figure 4.2, marked with the serial numbers one to five, can be explained as follows:

1. Users access the Web Server System Information (SI) through the browser on the user PC with the address
2. From the Server SI, the user is redirected to the CAS Server with a service address so that the CAS Server can check whether the user account is registered in the database.
3. If the user account is not registered in the CAS Server database, the user cannot access the Information System Web Server directly, but is returned to the user side without going through the Information System Web Server.
4. If the user account is registered in the CAS Server database, the user is directed from the CAS Server to the CAS Client on the Information System Web Server, in accordance with the service address that was submitted.
5. From the Information System Web Server, the user is directed back to the user's PC in an already authenticated state.

If the user opens another application that is integrated with SSO, the application does not need to authenticate again to the CAS Server, but just uses the User Name that is in the session on the client browser. Using the authentication session is expected to make the authentication process faster than logging in to the CAS Server every time without a session. The authentication process on the SSO network is described in the flowchart shown in Figure 4.3.

The CAS Server application in this study is designed using the PHP programming language and the MySQL database. The CAS Server login page is shown in Figure 4.4. The form for filling in and processing user data is shown in Figure 4.5. The list of all user accounts, where user accounts can also be modified and deleted, can be seen via the User menu list as shown in Figure 4.6.

The CAS Server must provide the user data to be used as the authentication center, so it must also provide the addresses to be accessed by the client. Here are a few links that are provided by the CAS Server: Because so many program listings are used in the CAS Server application, this paper includes only the main program listing. The program listing is as follows:

V. SYSTEM TESTING METHOD

The CAS Server system is tested with the black box testing model (functional testing). The testing is done as performance testing, covering load and response time. The architecture for testing the CAS Server on the Single Sign On (SSO) network can be seen in Figure 5.1.

VI. RESULTS AND DISCUSSION

The performance testing of the CAS Server used the Apache Bench (AB) tool. The results of the system performance testing conducted on the CAS Server are shown in TABLE 1. The capture of the performance test results on the CAS Server at this stage can be seen in Figure 6.1.

VII. CONCLUSION

Based on the research and the results of the system analysis that has been done, the following conclusions are obtained:

1. The implementation of the CAS Server and CAS Client constructed with the PHP programming language can function well.
2. The session on the CAS Server cannot be used directly by the browser without a CAS Client. As a result, building an SSO network must involve both CAS components (CAS Server and CAS Client).
3. Based on the performance test (response time and load test) conducted with the Apache Bench (AB) tool, the CAS Server can respond to a maximum of 4.490.000 users with Total Time Request = 5.406,568 ms (5 seconds).

VIII. FUTURE WORK

Future research needs further testing of CAS Server designs that are built with different programming languages and different authentication methods.

R ...
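
The five-step scenario of Figure 4.2 and the session reuse that follows it, as an added Python simulation that is not code from the paper (whose CAS Server is written in PHP). The addresses, the `sso_session` cookie name, the PBKDF2 password hashing and the check that the service address belongs to a registered CAS Client are assumptions of this example.

```python
import hashlib
import hmac
import secrets
from urllib.parse import urlencode, urlsplit

CAS_LOGIN = "https://cas.example.test/login"   # constructed CAS Server address
REGISTERED_SERVICES = {"si.example.test"}      # assumption: CAS Client hosts known to the CAS Server

def _hash(password, salt):
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, 100_000)

class CasServer:
    def __init__(self):
        self.users = {}      # username -> (salt, password hash): the CAS Server database
        self.sessions = {}   # SSO session id -> username

    def register(self, username, password):
        salt = secrets.token_bytes(16)
        self.users[username] = (salt, _hash(password, salt))

    def login(self, username, password):
        """Check the account against the database; return a session id or None."""
        # Unknown users still cost one hash, so timing does not reveal who is registered.
        salt, stored = self.users.get(username, (b"\0" * 16, b""))
        if not hmac.compare_digest(_hash(password, salt), stored):
            return None
        sid = secrets.token_urlsafe(32)
        self.sessions[sid] = username
        return sid

def access(cas, service, cookies, credentials=None):
    """Walk the five-step scenario for one request; returns (outcome, location)."""
    if urlsplit(service).hostname not in REGISTERED_SERVICES:
        return "denied", CAS_LOGIN             # never redirect to an unregistered service address
    sid = cookies.get("sso_session")
    if sid in cas.sessions:                    # session already in the browser: no new login
        return "authenticated:" + cas.sessions[sid], service
    if credentials is None:                    # steps 1-2: SI server redirects to the CAS Server
        return "redirect", CAS_LOGIN + "?" + urlencode({"service": service})
    sid = cas.login(*credentials)
    if sid is None:                            # step 3: account not registered, back to the user
        return "denied", CAS_LOGIN
    cookies["sso_session"] = sid               # steps 4-5: back to the CAS Client, authenticated
    return "authenticated:" + cas.sessions[sid], service
```

The `cookies` dictionary stands in for the client browser; a second call to `access` for another registered application with the same dictionary returns the authenticated state without credentials.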

Citations

Article
Single Sign On is one of the systems that have been developed long ago to meet the expectations of developers to provide ease and convenience of accessing data. In the development of the system, methods and protocols have been formed in varied ways to suit the needs of the developers. From a variety of methods and protocols, a developer can choose the architecture and protocols that can be used to develop the system. Central Authentication Service and Open authorization are the two Single Sign On systems most widely used in the manufacture of a web log. Both can be used as the basis for the application of the system of Single Sign On for developers who intend to design a login system that is safe and comfortable, so that developers can create a system that suits their desire.