Security flows in OAuth 2.0 framework: A case study

Marios Argyriou, Nicola Dragoni, Angelo Spognardi

Research output: Chapter in Book/Report/Conference proceeding › Article in proceedings › Research › peer-review

Abstract

The burst in smartphone use, handy design in laptops and tablets as well as other smart products, like cars with the ability to drive you around, manifests the exponential growth of network usage and the demand for accessing remote data on a large variety of services. However, users notoriously struggle to maintain distinct accounts for every single service that they use. The solution to this problem is the use of a Single Sign On (SSO) framework, with a unified single account to authenticate the user's identity throughout the different services. In April 2007, AOL introduced the OpenAuth framework. After several revisions and despite its wide adoption, OpenAuth 2.0 still has several flaws that need to be fixed in several implementations. In this paper, we present a thorough review of both the benefits of this single token authentication mechanism and its open flaws.
Original language: English
Title of host publication: Proceedings of International Conference on Computer Safety, Reliability, and Security
Publisher: Springer
Publication date: 2017
Pages: 396-406
ISBN (Print): 9783319662831
Publication status: Published - 2017
Event: International Conference on Computer Safety, Reliability, and Security - Trento, Italy
Duration: 12 Sept 2017 to 15 Sept 2017

Conference

Conference: International Conference on Computer Safety, Reliability, and Security
Country/Territory: Italy
City: Trento
Period: 12/09/2017 to 15/09/2017
Series: Lecture Notes in Computer Science
Volume: 10489
ISSN: 0302-9743

Keywords

  • Theoretical Computer Science
  • Computer Science (all)
  • Computer Science
  • Logics and Meanings of Programs
  • Programming Languages, Compilers, Interpreters
  • Software Engineering
  • Systems and Data Security
  • Computer Applications
  • Computer Systems Organization and Communication Networks
