Comparative analysis and framework evaluating web single sign-on systems
F Alaca, PCV Oorschot - ACM Computing Surveys (CSUR), 2020 - dl.acm.org
We perform a comprehensive analysis and comparison of 14 web single sign-on (SSO)
systems proposed and/or deployed over the past decade, including federated identity and …
systems proposed and/or deployed over the past decade, including federated identity and …
On the Effective Prevention of {TLS}{Man-in-the-Middle} Attacks in Web Applications
N Karapanos, S Capkun - 23rd USENIX security symposium (USENIX …, 2014 - usenix.org
In this paper we consider TLS Man-In-The-Middle (MITM) attacks in the context of web
applications, where the attacker is able to successfully impersonate the legitimate server to …
applications, where the attacker is able to successfully impersonate the legitimate server to …
Analyzing the BrowserID SSO system with primary identity providers using an expressive model of the web
BrowserID is a complex, real-world Single Sign-On (SSO) System for web applications
recently developed by Mozilla. It employs new HTML5 features (such as web messaging …
recently developed by Mozilla. It employs new HTML5 features (such as web messaging …
SoK: Web Authentication in the Age of End-to-End Encryption
J Blessing, D Hugenroth, RJ Anderson… - arXiv preprint arXiv …, 2024 - arxiv.org
The advent of end-to-end encrypted (E2EE) messaging and backup services has brought
new challenges for usable authentication. Compared to regular web services, the nature of …
new challenges for usable authentication. Compared to regular web services, the nature of …
Privacy-preserving Web single sign-on: Formal security analysis and design
G Schmitz - it-Information Technology, 2022 - degruyter.com
Single sign-on (SSO) systems, such as OpenID and OAuth, allow Web sites to delegate user
authentication to third parties, such as Facebook or Google. These systems provide a …
authentication to third parties, such as Facebook or Google. These systems provide a …
[图书][B] Improving user authentication on the web: Protected login, strong sessions, and identity federation
MT Dietz - 2014 - search.proquest.com
Client authentication on the web has remained in the internet-equivalent of the stone ages
for the last two decades. Instead of adopting modern public-key-based authentication …
for the last two decades. Instead of adopting modern public-key-based authentication …
[PDF][PDF] Improving Security and Privacy of Integrated Web Applications
Y Zhou - 2015 - yuchenzhou.com
Modern applications integrate third-party services for easier development, additional
functionality (eg, connecting with social network identities), and extra revenue (eg …
functionality (eg, connecting with social network identities), and extra revenue (eg …
Strengthening Authentication and Integrity in Web Applications
N Karapanos - 2018 - research-collection.ethz.ch
Web applications have become one of the most common ways of providing access to online
information and services. People use their desktop or mobile browsers to surf the web and …
information and services. People use their desktop or mobile browsers to surf the web and …