OpenID is a promising user-centric Web single sign-on protocol. According to the OpenID Foundation, there are currently more than one billion OpenID-enabled user accounts provided by major service providers such as Google, Yahoo and AOL. In this presentation, I will present OpenID security analysis and the evaluation results on 200 OpenID-enabled websites. Our preliminary result shows that more than 50% of OpenID-enabled websites are vulnerable to cross-site request forgery attack (CSRF) that allow an attacker to modify the victim's account profile information directly; and 75% of evaluated websites allow an attacker to force the victim to login their websites as the attacker stealthily. With additional practical adversary capabilities (e...
Abstract. Single Sign-On (SSO) systems simplify login procedures by using an an Identity Provider (I...
Single Sign-On (SSO) is a solution where the authentication process is taken care of once by a third...
OpenID is an open and promising Web single sign-on (SSO) solution. This work investigates the challe...
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user a...
Today, there is an increasing demand for authentication services to provide authentication to users ...
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted ...
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted ...
OpenID is an open and promising Web single sign-on solution; however, the interaction flows provided...
International audienceOpenID, a standard for Web single sign-on, has been gaining popularity both wi...
Many millions of users routinely use Google, Facebook and Microsoft to log in to websites supporting...
This paper studies the privacy risks for the users of two popular single sign-on platforms for web-b...
It is increasingly difficult to manage the user identities (IDs) of rapidly developing and numerous ...
The problem of password memorability among users has led to the introduction of Single Sign-On (SSO)...
It is essential to solve the problem due to password fatigue in order to increase the security of th...
Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability ...
Abstract. Single Sign-On (SSO) systems simplify login procedures by using an an Identity Provider (I...
Single Sign-On (SSO) is a solution where the authentication process is taken care of once by a third...
OpenID is an open and promising Web single sign-on (SSO) solution. This work investigates the challe...
OpenID 2.0 is a user-centric Web single sign-on protocol with over one billion OpenID-enabled user a...
Today, there is an increasing demand for authentication services to provide authentication to users ...
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted ...
OpenID and OAuth are open and lightweight web single sign-on (SSO) protocols that have been adopted ...
OpenID is an open and promising Web single sign-on solution; however, the interaction flows provided...
International audienceOpenID, a standard for Web single sign-on, has been gaining popularity both wi...
Many millions of users routinely use Google, Facebook and Microsoft to log in to websites supporting...
This paper studies the privacy risks for the users of two popular single sign-on platforms for web-b...
It is increasingly difficult to manage the user identities (IDs) of rapidly developing and numerous ...
The problem of password memorability among users has led to the introduction of Single Sign-On (SSO)...
It is essential to solve the problem due to password fatigue in order to increase the security of th...
Single Sign-on (SSO) authentication was introduced to overcome the problem of password memorability ...
Abstract. Single Sign-On (SSO) systems simplify login procedures by using an an Identity Provider (I...
Single Sign-On (SSO) is a solution where the authentication process is taken care of once by a third...
OpenID is an open and promising Web single sign-on (SSO) solution. This work investigates the challe...