An empirical study of security issues in SSO server-side implementations

被引：0

作者：

Hui WANG ^{[1
]}

Dawu GU ^{[1
]}

Yuanyuan ZHANG ^{[1
]}

Yikun HU ^{[1
]}

机构：

[1] Lab of Cryptology and Computer Security, Shanghai Jiao Tong University

来源：

Science China(Information Sciences) | 2022年 / 07期

关键词：

D O I：

暂无

中图分类号：

TP393.08 [];

学科分类号：

0839 ; 1402 ;

摘要：

Dear editor, Single sign-on (SSO) schemes have been widely used by major companies to manage service authorization and user authentication. They can enable third-party applications to obtain user information from a service provider to identify a user. The third-party application is often referred to as the relying party (RP), and the service provider is referred to as the identity provider (Id P). According to a recent study [1], OAuth and its extension Open ID connect (OIDC) are amongst the most widespread SSO protocols;

引用

页码：253 / 255

页数：3

共 50 条

[1] An empirical study of security issues in SSO server-side implementations
Wang, Hui
Gu, Dawu
Zhang, Yuanyuan
Hu, Yikun
[J]. SCIENCE CHINA-INFORMATION SCIENCES, 2022, 65 (07)
[2] An empirical study of security issues in SSO server-side implementations
Hui Wang
Dawu Gu
Yuanyuan Zhang
Yikun Hu
[J]. Science China Information Sciences, 2022, 65
[3] Security issues on server-side credit-based electronic payment systems
Liu, A
Shen, VY
Muppala, JK
[J]. THIRD INTERNATIONAL SYMPOSIUM ON ELECTRONIC COMMERCE, PROCEEDINGS, 2002, : 47 - 57
[4] Server-Side Streaming Processing of WS-Security
Gruschka, Nils
Jensen, Meiko
Lo Iacono, Luigi
Luttenberger, Norbert
[J]. IEEE TRANSACTIONS ON SERVICES COMPUTING, 2011, 4 (04) : 272 - 285
[5] Server-side scripting
Fish, S
[J]. DR DOBBS JOURNAL, 1998, 23 (03): : 8 - 8
[6] IMPROVING DATA ACCESS SECURITY BY SERVER-SIDE FUNCTIONAL EXTENSIONS
Milosz, Marek
Draganek, Dariusz
[J]. ADVANCES IN SCIENCE AND TECHNOLOGY-RESEARCH JOURNAL, 2016, 10 (30) : 69 - 75
[7] Using server-side includes
Kruse, M
[J]. DR DOBBS JOURNAL, 1996, 21 (02): : 52 - &
[8] The service of server-side includes
Mach, M
[J]. INFORMATION TECHNOLOGY AND LIBRARIES, 2001, 20 (04) : 213 - 219
[9] An Interpreter for Server-Side Hop
Serpette, Bernard Paul
Serrano, Manuel
[J]. ACM SIGPLAN NOTICES, 2012, 47 (02) : 1 - 11
[10] Protecting Web servers from security holes in Server-Side Includes
Karro, J
Wang, J
[J]. 14TH ANNUAL COMPUTER SECURITY APPLICATIONS CONFERENCE, PROCEEDINGS, 1998, : 103 - 111

← 1 2 3 4 5 →