A Novel Role- and Certificate-Based Single Sign-On System for Emergency Rescue Operations

In large scale disaster management operations with hundreds and thousands of victims, fast access to distributed heterogeneous information of different organizations is required for efficient and reliable dispensation of rescue operations. The development of such emergency systems poses a big challenge, if requirements such as performance, security and reliability have to be fulfilled simultaneously. In this paper, we propose a novel Role integrated Certificate-based Single Sign-On (RC-SSO) solution for fast mobile access between first responders at the incident scene and their distributed organizations. Beside the illustration of operational details of the RC-SSO solution, we validate our concept by implementing an experimental prototype as proof-of-concept for a limited number of users. Furthermore, we design a simulation model to determine the performance boundary of our solution under high user density. In contrast to other related emergency system solutions, our approach does not employ a so-called Identity Provider (IDP) for authentication and authorization process and thus reduces additional communication cost as well. A comparison of our proposed solution to an IDP based classical single sign-on counterparts i.e. Security Assertion Markup Language (SAML) shows that our RC-SSO outperforms these by up to 80%. In addition RC-SSO ensures high data security level with negligible overhead compared to the standard security protocol SSL/TLS.