Gibbons et al., 2014 - Google Patents
Security evaluation of the OAuth 2.0 frameworkGibbons et al., 2014
View PDF- Document ID
- 9769536336208470191
- Author
- Gibbons K
- Raw J
- Curran K
- Publication year
- Publication venue
- Information Management and Computer Security
External Links
Snippet
The interoperability of cloud data between web applications and mobile devices has vastly improved over recent years. The popularity of social media, smartphones and cloud based web services have contributed to the level of integration that can be achieved between …
- 238000011156 evaluation 0 title description 28
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/60—Protecting data
- G06F21/62—Protecting access to data via a platform, e.g. using keys or access control rules
- G06F21/6218—Protecting access to data via a platform, e.g. using keys or access control rules to a system of files or objects, e.g. local or distributed file system or database
- G06F21/6245—Protecting personal data, e.g. for financial or medical purposes
- G06F21/6263—Protecting personal data, e.g. for financial or medical purposes during internet communication, e.g. revealing personal data from cookies
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F17/00—Digital computing or data processing equipment or methods, specially adapted for specific functions
- G06F17/30—Information retrieval; Database structures therefor; File system structures therefor
- G06F17/30286—Information retrieval; Database structures therefor; File system structures therefor in structured data stores
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/10—Network architectures or network communication protocols for network security for controlling access to network resources
- H04L63/102—Entity profiles
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06Q—DATA PROCESSING SYSTEMS OR METHODS, SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES; SYSTEMS OR METHODS SPECIALLY ADAPTED FOR ADMINISTRATIVE, COMMERCIAL, FINANCIAL, MANAGERIAL, SUPERVISORY OR FORECASTING PURPOSES, NOT OTHERWISE PROVIDED FOR
- G06Q20/00—Payment architectures, schemes or protocols
- G06Q20/38—Payment protocols; Details thereof
- G06Q20/40—Authorisation, e.g. identification of payer or payee, verification of customer or shop credentials; Review and approval of payers, e.g. check credit lines or negative lists
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Ferry et al. | Security evaluation of the OAuth 2.0 framework | |
| US20230085027A1 (en) | System, method and computer program product for credential provisioning in a mobile device platform | |
| CN108901022B (en) | Micro-service unified authentication method and gateway | |
| US20200099677A1 (en) | Security object creation, validation, and assertion for single sign on authentication | |
| US10904218B2 (en) | Secure proxy to protect private data | |
| EP2984589B1 (en) | System and method for mobile single sign-on integration | |
| US10225260B2 (en) | Enhanced authentication security | |
| US10122697B2 (en) | Native authentication experience with failover | |
| US11563740B2 (en) | Methods and systems for blocking malware attacks | |
| US20110277025A1 (en) | Method and system for providing multifactor authentication | |
| Beltran | Characterization of web single sign-on protocols | |
| CN104378376A (en) | SOA-based single-point login method, authentication server and browser | |
| US20140282994A1 (en) | Method for calling up a client program | |
| US20160241536A1 (en) | System and methods for user authentication across multiple domains | |
| Fett et al. | Analyzing the BrowserID SSO system with primary identity providers using an expressive model of the web | |
| Gibbons et al. | Security evaluation of the OAuth 2.0 framework | |
| Van Delft et al. | A security analysis of OpenID | |
| Baker | OAuth2 | |
| Ferdous et al. | Portable personal identity provider in mobile phones | |
| JP5793593B2 (en) | Network authentication method for securely verifying user identification information | |
| Paul et al. | UI Component and Authentication | |
| Keil | Social Security | |
| Carbone et al. | Design and Security Assessment of Usable Multi-factor Authentication and Single Sign-On Solutions for Mobile Applications: A Workshop Experience Report | |
| Wu | Authentication in Web Applications | |
| JP2018067327A (en) | Secure proxy to protect private data |