Abstract—While security of cross-domain single sign-on is a thoroughly researched subject, the closely related web identity federation has not been recognized as a distinct problem requiring analysis in its own right. In this paper, we describe a generic approach for analyzing security of web protocols through a framework for reasoning about user actions. We then use this framework to analyze security of important web identity federation protocols. We show that a secure single sign-on protocol does not necessarily ensure safety of linking identities across domains. Our analysis discovers limitations in current web identity management standards that can allow an attacker to create fraudulent identity associations across domains. We propose c...
We develop solutions for the security and privacy of user identity information in a federation. By ...
The research of this paper is focused on extensive security analysis of commercial web SSO systems....
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user a...
Single Sign-On (SSO) is a solution where the authentication process is taken care of once by a third...
Web-based single sign-on describes a class of protocols where a user signs into a web site with the ...
Single Sign-on (SSO) protocols, which allow a website to authenticate its users via accounts registe...
Nowadays, identity-based client authentication (e.g., by username/password) over SSL is the standar...
Channel-based enabled-client protocols, such as the Liberty-enabled client and proxy profile, offer ...
Today, there is an increasing demand for authentication services to provide authentication to users ...
We develop solutions for the security and privacy of user identity information in a federation. By f...
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted ...
Many modern websites offer single sign-on (SSO) services, which allow the user to use an existing ac...