Security Issues in OAuth 2.0 SSO Implementations

Author:

Li Wanpeng, Mitchell Chris J.

Publisher

Springer International Publishing

References: 30 articles.

1. Hardt, D.: The OAuth 2.0 authorization framework (2012), http://tools.ietf.org/html/rfc6819

2. Hanna, S., Shin, R., Akhawe, D., Boehm, A., Saxena, P., Song, D.: The emperor’s new APIs: On the (in)secure usage of new client-side primitives. In: Proc. W2SP 2010 (2010)

3. Miculan, M., Urban, C.: Formal analysis of Facebook Connect Single Sign-On authentication protocol. In: Proc. SofSem 2011, OKAT, pp. 99–116 (2011)

4. Sun, S.T., Beznosov, K.: The devil is in the (implementation) details: An empirical analysis of OAuth SSO systems. In: Yu, T., Danezis, G., Gligor, V.D. (eds.) Proc. CCS 2012, pp. 378–390. ACM (2012)

5. Wang, R., Chen, S., Wang, X.: Signing me onto your accounts through Facebook and Google: A traffic-guided security study of commercially deployed single-sign-on web services. In: Proc. IEEE Symp. on Security and Privacy 2012. IEEE (2012)

Cited by 35 articles.

1. CSRFing the SSO Waves: Security Testing of SSO-Based Account Linking Process;2024 IEEE 9th European Symposium on Security and Privacy (EuroS&P);2024-07-08

2. 5GAC-Analyzer: Identifying Over-Privilege Between 5G Core Network Functions;Proceedings of the 17th ACM Conference on Security and Privacy in Wireless and Mobile Networks;2024-05-27

3. A New Framework for Microservices with Single Sign-On, Security Assertion Markup Language and OpenID Connect;2024 3rd International Conference on Sentiment Analysis and Deep Learning (ICSADL);2024-03-13

4. Formal Analysis of Access Control Mechanism of 5G Core Network;Proceedings of the 2023 ACM SIGSAC Conference on Computer and Communications Security;2023-11-15

5. WEBAPIK: a body of structured knowledge on designing web APIs;Requirements Engineering;2023-03-14
