Single Sign-on (SSO) allows users to only log on once and then access different services via automatic authentication by using the same credential. However, most existing SSO schemes do not satisfy security notions or require a high trust level on a trusted third party (TTP), even though SSO has become popular in new distributed systems and computer networks. Motivated by this fact, we formalise a new security model of single sign-on, which not only satisfies strong security notions but also has a low trust level on TTP. We then propose a generic construction of SSO from nominative signatures, and present concrete initialisation. We also provide formal proofs to show that the proposed SSO scheme is secure according to our new formal model, if the underlying nominative signature is secure. We note that this is the first study that investigates the link between SSO and nominative signatures, which also be of an independent interest.