Discovering concrete attacks on website authorization by formal analysis1

Bansal, Chetan; Bhargavan, Karthikeyan; Delignat-Lavaud, Antoine; Maffeis, Sergio

doi:10.3233/jcs-140503

Cited by 50 publications

(13 citation statements)

References 39 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…Formal analysis and verification have in recent years been applied to IoT and security protocol standards using various approaches. For example, OAuth2 [12] has been formally analysed using the ProVerif static analysis tool [19], in which specific threats were identified. Another example is that of Pai et al [20], who utilised the Alloy Framework [21] to analyse the security constraints of OAuth2.…”

Section: Related Workmentioning

confidence: 99%

Deriving event data sharing in IoT systems using formal modelling and analysis

Fremantle

Aziz

2019

Internet of Things

View full text Add to dashboard Cite

The increasing presence and utilisation of IoT systems raises many fundamental security and privacy issues that require robust approaches in understanding the behaviour of IoT systems and tackling those issues. In previous works, we demonstrated how some of the security and privacy questions in IoT systems could be answered by means of using federated identity management and authorisation frameworks, such as OAuth, intelligent gateways and personal cloud systems. In this paper, we take these works into a more fundamental level by formally modelling and analysing the OAuthing personal cloud-based IoT system. We demonstrate that this exercise reveals how data is shared across the system, and therefore how security and privacy guarantees can be established at a fundamental level.

show abstract

Section: Related Workmentioning

confidence: 99%

Deriving event data sharing in IoT systems using formal modelling and analysis

Fremantle

Aziz

2019

Internet of Things

View full text Add to dashboard Cite

show abstract

“…Frostig and Slack [20] discovered a cross site request forgery attack in the Implicit Grant flow of OAuth 2.0, using the Murphi framework [6]. Bansal et al [1] analysed the security of OAuth 2.0 using the WebSpi [2] and ProVerif models [3]. However, all this work is based on abstract models, and so delicate implementation details are ignored.…”

Section: Explicit User Intention Trackingmentioning

confidence: 99%

“…-The cross social-network request forgery attack was described by Bansal, Bhargavan and Maffeis [1]. It applies to RPs using third party libraries, such as JanRain or GigYa, to manage their IdPs, as these RPs use the same login endpoint for all IdPs.…”

Section: Explicit User Intention Trackingmentioning

confidence: 99%

See 1 more Smart Citation

Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations

Mitchell

2018

Security Protocols XXVI

View full text Add to dashboard Cite

Many millions of users routinely use their Google, Facebook and Microsoft accounts to log in to websites supporting OAuth 2.0-based single sign on. The security of OAuth 2.0 is therefore of critical importance, and it has been widely examined both in theory and in practice. In this paper we disclose a new class of practical attacks on OAuth 2.0 implementations, which we call Partial Redirection URI Manipulation Attacks. An attack of this type can be used by an attacker to gain a victim user's OAuth 2.0 code (a token representing a right to access user data) without the user's knowledge; this code can then be used to impersonate the user to the relevant relying party website. We examined 27 leading OAuth 2.0 identity providers, and found that 19 of them are vulnerable to these attacks.

show abstract

“…From time to time, the number of profiles and credentials that users hold are increasing. Consequently, users suffer from credentials management issues where they are unable to manage their credentials properly [1][2].…”

Section: Introductionmentioning

confidence: 99%

Security of social network credentials for accessing course portal: Users’ experience

Katuk

Fong

Chun

2015

AIP Conference Proceedings

View full text Add to dashboard Cite

Social login (SL) has recently emerged as a solution for single sign-on (SSO) within the web and mobile environments. It allows users to use their existing social network credentials (SNC) to login to third party web applications without the need to create a new identity in the intended applications' database. Although it has been used by many web application providers, its' applicability in accessing learning materials is not yet fully investigated. Hence, this research aims to explore users' (i.e., instructors' and students') perception and experience on the security of SL for accessing learning contents. A course portal was developed for students at a higher learning institution and it provides two types of user authentications (i) traditional user authentication, and (ii) SL facility. Users comprised instructors and students evaluated the login facility of the course portal through a controlled lab experimental study following the withinsubject design. The participants provided their feedback in terms of the security of SL for accessing learning contents. The study revealed that users preferred to use SL over the traditional authentication, however, they concerned on the security of SL and their privacy.

show abstract

Discovering concrete attacks on website authorization by formal analysis1

Cited by 50 publications

References 39 publications

Deriving event data sharing in IoT systems using formal modelling and analysis

Deriving event data sharing in IoT systems using formal modelling and analysis

Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations

Security of social network credentials for accessing course portal: Users’ experience

Contact Info

Product

Resources

About