2019
DOI: 10.1016/j.cose.2019.03.003
|View full text |Cite
|
Sign up to set email alerts
|

Understanding and mitigating OpenID Connect threats

Help me understand this report

Search citation statements

Order By: Relevance

Paper Sections

Select...
1
1
1
1

Citation Types

0
17
0
6

Year Published

2020
2020
2023
2023

Publication Types

Select...
4
2
2

Relationship

0
8

Authors

Journals

citations
Cited by 31 publications
(23 citation statements)
references
References 5 publications
0
17
0
6
Order By: Relevance
“…More testing could identify further gaps in Facebook and other social media algorithms. This is particularly important as Facebook and other platforms are increasingly being user as OpenID providers; a process that authenticates users ID on third party platforms (Navas and Beltrán, 2019).…”
Section: Discussionmentioning
confidence: 99%
“…More testing could identify further gaps in Facebook and other social media algorithms. This is particularly important as Facebook and other platforms are increasingly being user as OpenID providers; a process that authenticates users ID on third party platforms (Navas and Beltrán, 2019).…”
Section: Discussionmentioning
confidence: 99%
“…We assume that the fog is using OpenID Connect (OIDC), which is a popular third-party authentication mechanism that allows a client to authenticate an end-user based on authentication with an authorization server and obtain information about user [17]. It is predicted that in the coming years, OIDC will have widespread adoption in fog computing and IoT applications [18]. The subscriber must also start using a particular application in the fog network from the same state it had been left off in the 3GPP MEC.…”
Section: B Problem Statementmentioning
confidence: 99%
“…Lu et al 44,45 formally modeled and verified the OpenID Connect protocol and SAML2.0 protocol using Applied PI calculus in the symbolic model. Jorge et al 46 recognized sixteen kinds of attack patterns of OpenID Connect protocol, for example, token leakage, compromised identity provider password, and session hijack. Furthermore, corresponding possible solutions and mitigation measures were proposed.…”
Section: Related Workmentioning
confidence: 99%