v1v2v3v4 (latest)

A Comprehensive Formal Security Analysis of OAuth 2.0

6 January 2016

Papers citing "A Comprehensive Formal Security Analysis of OAuth 2.0"

28 / 28 papers shown

Title
ETDI: Mitigating Tool Squatting and Rug Pull Attacks in Model Context Protocol (MCP) by using OAuth-Enhanced Tool Definitions and Policy-Based Access Control Manish Bhatt Vineeth Sai Narajala Idan Habler 42 1 0 02 Jun 2025
A Novel Zero-Trust Identity Framework for Agentic AI: Decentralized Authentication and Fine-Grained Access Control Ken Huang Vineeth Sai Narajala John Yeoh Jason Ross Ramesh Raskar Youssef Harkati Jerry Huang Idan Habler Chris Hughes 44 2 0 25 May 2025
Got Ya! -- Sensors for Identity Management Specific Security Situational Awareness Daniela Pöhn Heiner Lüken 58 0 0 06 Mar 2025
Towards an Improved Taxonomy of Attacks related to Digital Identities and Identity Management Systems Daniela Pöhn Wolfgang Hommel 63 3 0 23 Jul 2024
Towards automated formal security analysis of SAML V2.0 Web Browser SSO standard -- the POST/Artifact use case Zvonimir Hartl Ante Derek 26 0 0 18 Mar 2024
SOAP: A Social Authentication Protocol Felix Linker David Basin 18 1 0 05 Feb 2024
MISO: Legacy-compatible Privacy-preserving Single Sign-on using Trusted Execution Environments Rongwu Xu Sen Yang Fan Zhang Zhixuan Fang 60 8 0 11 May 2023
Unified Singular Protocol Flow for OAuth (USPFO) Ecosystem Jaimandeep Singh N. Chaudhary 8 0 0 29 Jan 2023
A Capability-based Distributed Authorization System to Enforce Context-aware Permission Sequences Adrian Shuai Li Reihaneh Safavi-Naini Philip W. L. Fong 16 2 0 09 Nov 2022
Assessing the Solid Protocol in Relation to Security & Privacy Obligations C. Esposito O. Hartig Ross Horne Chang-Pu Sun 24 3 0 15 Oct 2022
"Sign in with ... Privacy'': Timely Disclosure of Privacy Differences among Web SSO Login Options Srivathsan G. Morkonda Sonia Chiasson P. V. Oorschot 146 5 0 09 Sep 2022
WebSpec: Towards Machine-Checked Analysis of Browser Security Mechanisms Lorenzo Veronese Benjamin Farinier Pedro Miguel Sousa Bernardo M. Tempesta M. Squarcina Matteo Maffei 13 4 0 05 Jan 2022
UPPRESSO: Untraceable and Unlinkable Privacy-PREserving Single Sign-On Services Chengqian Guo Jingqiang Lin Quanwei Cai Wei Wang Fengjun Li Qiongxiao Wang Jiwu Jing Binjie Zhao Fengjun Li 69 12 0 20 Oct 2021
Cerberus: Query-driven Scalable Vulnerability Detection in OAuth Service Provider Implementations Tamjid Al-Rahat Yu Feng Yuan Tian 56 11 0 03 Oct 2021
Exploring Privacy Implications in OAuth Deployments Srivathsan G. Morkonda P. V. Oorschot Sonia Chiasson MLAU 28 4 0 03 Mar 2021
Bulwark: Holistic and Verified Security Monitoring of Web Protocols Lorenzo Veronese Stefano Calzavara Luca Demetrio 40 5 0 15 Jan 2021
Security Analysis of the Open Banking Account and Transaction API Protocol P. Modesti Leo Freitas Qudus Shotomiwa Abdulaziz Almehrej 27 1 0 28 Mar 2020
EL PASSO: Privacy-preserving, Asynchronous Single Sign-On Zhiyi Zhang M. Król A. Sonnino Lixia Zhang E. Rivière 60 28 0 24 Feb 2020
Language-Based Web Session Integrity Stefano Calzavara R. Focardi Niklas Grimm Matteo Maffei M. Tempesta 8 3 0 28 Jan 2020
An Extensive Formal Security Analysis of the OpenID Financial-grade API Daniel Fett Pedram Hosseyni Ralf Küsters 30 25 0 31 Jan 2019
OAuthGuard: Protecting User Security and Privacy with OAuth 2.0 and OpenID Connect Wanpeng Li C. Mitchell Thomas M. Chen OnRL 21 26 0 24 Jan 2019
Verifying Security Protocols using Dynamic Strategies Yan Xiong Cheng Su Wenchao Huang Fuyou Miao Wansen Wang Hengyi Ouyang 24 3 0 27 Jun 2018
WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring Stefano Calzavara R. Focardi Matteo Maffei Clara Schneidewind M. Squarcina M. Tempesta 23 27 0 24 Jun 2018
Mitigating CSRF attacks on OAuth 2.0 and OpenID Connect Wanpeng Li C. Mitchell Thomas M. Chen AAML 26 10 0 24 Jan 2018
Technical Report on Deploying a highly secured OpenStack Cloud Infrastructure using BradStack as a Case Study Bashir Mohammed S. Moyo Kabiru M. Maiyama Sulayman Kinteh Al Noaman M. K. Al-Shaidy M. Kamala Mariam Kiran 27 1 0 26 Dec 2017
Decoupled-IFTTT: Constraining Privilege in Trigger-Action Platforms for the Internet of Things Earlence Fernandes Amir Rahmati Jaeyeon Jung A. Prakash 21 17 0 03 Jul 2017
The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines Daniel Fett Ralf Küsters G. Schmitz 51 80 0 27 Apr 2017
Combining Usability and Privacy Protection in Free-Access Public Cloud Storage Servers: Review of the Main Threats and Challenges Alejandro Sánchez-Gómez Jesús Díaz David Arroyo 16 3 0 27 Oct 2016