2,229 Hits in 1.5 sec

The OAuth 2.0 Web Authorization Protocol for the Internet Addiction Bioinformatics (IABio) Database

Jeongseok Choi, Jaekwon Kim, Dong Kyun Lee, Kwang Soo Jang, Dai-Jin Kim, In Young Choi
2016 Genomics & Informatics  
In this respect, our study proposes the OAuth standard protocol for database access authorization.  ...  The OAuth 2.0 protocol is expected to establish the security of personal medical information and be applied to genomic research on IA.  ...  OAuth 2.0 is a protocol with authorization function to J Choi, et al. Authorization Protocol for Bioinformatics Database control and manage access to web services.  ... 
doi:10.5808/gi.2016.14.1.20 pmid:27103887 pmcid:PMC4838526 fatcat:bqt7svi4dvb4ln44eufozokr5m

Survey on Restful Web Services Using Open Authorization (Oauth)

K. V. Kanmani
2013 IOSR Journal of Computer Engineering  
The open authorization (OAuth) 2.0 protocol enables the users to grant third-party application access to their web resources without sharing their login credential data.  ...  Web services are application based programming interfaces (API) or web APIs that are accessed through Hypertext Transfer Protocol (HTTP) to execute on a remote system hosting the requested services.  ...  using data interchange format as well as OAuth as authorization protocol.  ... 
doi:10.9790/0661-1545356 fatcat:p5x6n6qn2na6lcnx3wwr4dos3e

OAuth Demystified for Mobile Application Developers

Eric Y. Chen, Yutong Pei, Shuo Chen, Yuan Tian, Robert Kotcher, Patrick Tague
2014 Proceedings of the 2014 ACM SIGSAC Conference on Computer and Communications Security - CCS '14  
OAuth has become a highly influential protocol due to its swift and wide adoption in the industry. The initial objective of the protocol was specific: it serves the authorization needs for websites.  ...  re-purposed OAuth for user authentication; (2) developers have re-targeted OAuth to the mobile platforms, in addition to the traditional web platform.  ...  Differences between mobile and web platforms that affect OAuth security The previous subsection showed that the three OAuth protocol flows differ significantly.  ... 
doi:10.1145/2660267.2660323 dblp:conf/ccs/ChenPCTKT14 fatcat:t3kssaknivf6rmwwwripolnjy4

Comparison of CAS and Manage Oauth in Single Sign on (SSO) Client Applications

Sri Watini, Pipit Nursaputri, Muhammad Iqbal
2020 IAIC Transactions on Sustainable Digital Innovation (ITSDI)  
Central Authentication Service and Open authorization is two Single Sign On systems most widely used in the manufacture of a web log .  ...  In a variety of methods and protocols , a developer can choose the architecture and protocols that can be used to develop the system.  ...  Using the OAuth protocol, users can authorize clients to access protected data already on the server by giving a token without file username and password.  ... 
doi:10.34306/itsdi.v1i2.147 fatcat:n47tdt6jrrcdndkmtv3il6mley

More Guidelines Than Rules: CSRF Vulnerabilities from Noncompliant OAuth 2.0 Implementations [chapter]

Ethan Shernan, Henry Carter, Dave Tian, Patrick Traynor, Kevin Butler
2015 Lecture Notes in Computer Science  
Background At its core, the OAuth protocol allows a user to grant a web application authorized access to his data on a different application [28] .  ...  OAuth 2.0 provides an open framework for the authorization of users across the web.  ...  This authorization and authentication is handled by the OAuth 2.0 protocol.  ... 
doi:10.1007/978-3-319-20550-2_13 fatcat:m2ttpocmizdpzji4bl2fk7elfu

The Extended Authentication Protocol using E-mail Authentication in OAuth 2.0 Protocol for Secure Granting of User Access
OAuth 2.0 프로토콜에서 E-mail을 이용한 사용자 권한 인증

Cheol-Joo Chae, Kwang-Nam Choi, Kiseok Choi, Yong-Hee Yae, YounJu Shin
2015 Journal of Internet Computing and services  
To resolve of such inconvenience, a third party application with OAuth(Open Authorization) protocol that can provide restricted access to different web services has appeared.  ...  이러한 불편함을 해결하기 위해 3 rd Party 어플리케이션이 웹 서비스에 대하여 제한된 접근 권한을 얻을 수 있게 해주는 OAuth(Open Authorization) 프로토콜이 등장하게 되었다. 이러한 OAuth 프로토콜은 사용자에게 편리하고 유연한 서비스를 제공한다.  ...  Users wanted to share various web contents on their SNS page, and the OAuth protocol appeared in response to such users' needs [4] .  ... 
doi:10.7472/jksii.2015.16.1.21 fatcat:psgcx2774bce3ofdqu5qkuh5ou

Incorporating OAuth Protocol into Existing Information Systems

Utharn Buranasaksee
2016 Journal of Software  
Then OAuth protocol was introduced to solve the problem without providing the user's credential. The protocol was also designed to support mobile, desktop, and web applications.  ...  Therefore, the need of migrating the current data repositories to support authorization as an OAuth server gains more attention.  ...  We introduced the issues in implementing the OAuth server role where the software libraries available on the official website have not addressed.  ... 
doi:10.17706/jsw.11.6.615-622 fatcat:ggiet3rzdzb6llqywm5rneuxq4

A survey on OAUTH protocol for security

V Srikanth, Jupalli Sneha Latha, Dinne Ajay Kumar, Kakarla Uma Maheswari
2017 International Journal of Engineering & Technology  
The code written for authorization may be leaked during transmission which then may lead to misuse. This paper uses an attacker model to study the security vulnerabilities of the OAuth protocol.  ...  It is one of the most powerful open standard authorization protocols available to all API developers today.  ...  Introduction OAuth 2.0 implies open standard protocol which is a token based approval and validation predominantly used over web and different applications of the web.  ... 
doi:10.14419/ijet.v7i1.1.10834 fatcat:il4aypvx6jf4bjuduamcee4ugi

Machine learning approach to vulnerability detection in OAuth 2.0 authentication and authorization flow

Kindson Munonye, Martinek Péter
2021 International Journal of Information Security  
Vulnerability in OAuth authorization flow allows an attacker to alter the normal flow sequence of the OAuth protocol.  ...  AbstractTechnologies for integrating enterprise web applications have improved rapidly over the years.  ...  Creative Commons Attribution 4.0 International License, which permits use, sharing, adaptation, distribution and reproduction in any medium or format, as long as you give appropriate credit to the original author  ... 
doi:10.1007/s10207-021-00551-w fatcat:7eeqriji4zb2hopwjh4whuvmd4

Federated Identity and Access Management for the Internet of Things

Paul Fremantle, Benjamin Aziz, Jacek Kopecky, Philip Scott
2014 2014 International Workshop on Secure Internet of Things  
OAuth is a widely deployed protocol -built on top of HTTP -for applying FIAM to Web systems. We explore the use of OAuth for IoT systems that instead use the lightweight MQTT 3.1 protocol.  ...  In order to evaluate this area, we built a prototype that uses OAuth 2.0 to enable access control to information distributed via MQTT.  ...  We wish also to investigate the use of OAuth2 with CoAP and other protocols for IoT.  ... 
doi:10.1109/siot.2014.8 dblp:conf/siot/FremantleAKS14 fatcat:egjavbnavjegdlk57zoa4brhmq

Justin Richer on OAuth

Gavin Henry
2020 IEEE Software  
OAuth1 was a monolithic protocol; OAuth2 allows greater flexibility. OAuth was a reaction to Web APIs that were deployed with HTTP basic authentication, asking for username and password.  ...  376 of "Software Engineering Radio," Justin Richer, lead author of OAuth2 in Action and editor of OAuth extensions RFC 7591, 7592, and 7662, discusses the key technical features of the OAuth 2.0 protocol  ...  ABOUT THE AUTHOR GAVIN HENRY is the founder of SureVoIP, an Internet telephony service provider, and has written most of the software that sticks it all together.  ... 
doi:10.1109/ms.2019.2949648 fatcat:ipb45t2lhvdozg3adrv5pik46i

WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring [article]

Stefano Calzavara, Clara Schneidewind Università Ca' Foscari Venezia
2018 arXiv   pre-print
We formally prove that WPSE is expressive enough to protect web applications from a wide range of protocol implementation bugs and web attacks.  ...  We present WPSE, a browser-side security monitor for web protocols designed to ensure compliance with the intended protocol flow, as well as confidentiality and integrity properties of messages.  ...  Figure 1 : 1 OAuth 2.0 (authorization code mode).  ... 
arXiv:1806.09111v1 fatcat:unpo672n3vfgvebvljzm4wtzlq

Discovering Concrete Attacks on Website Authorization by Formal Analysis

Chetan Bansal, Karthikeyan Bhargavan, Sergio Maffeis
2012 2012 IEEE 25th Computer Security Foundations Symposium  
This success is largely due to the APIs and support offered by prominent social networks, such as Facebook, Twitter, and Google, on the basis of new open standards such as the OAuth 2.0 authorization protocol  ...  We model several configurations of the OAuth 2.0 protocol in the applied pi-calculus and verify them using ProVerif.  ...  OAuth Authorization (Web Server Flow): A three-party social web application that models the web server flow of the OAuth protocol, as described in Section III.  ... 
doi:10.1109/csf.2012.27 dblp:conf/csfw/BansalBM12 fatcat:4qg4j77ovncglffw6s5dkbc5zq

Discovering concrete attacks on website authorization by formal analysis1

Chetan Bansal, Karthikeyan Bhargavan, Antoine Delignat-Lavaud, Sergio Maffeis, Lieven Desmet, Martin Johns, Benjamin Livshits, Andrei Sabelfeld
2014 Journal of Computer Security  
This success is largely due to the APIs and support offered by prominent social networks, such as Facebook, Twitter, and Google, on the basis of new open standards such as the OAuth 2.0 authorization protocol  ...  We model several configurations of the OAuth 2.0 protocol in the applied pi-calculus and verify them using ProVerif.  ...  OAuth Authorization (Web Server Flow): A three-party social web application that models the web server flow of the OAuth protocol, as described in Section III.  ... 
doi:10.3233/jcs-140503 fatcat:fmicjcd7czhovaf7l5ura56o6i

Secure User Authority Authentication Method in the Open Authorization
Open Authorization에서의 안전한 사용자 권한 인증 방법에 관한 연구

Cheol-Joo Chae, June-Hwan Lee, Han-Jin Cho
2014 Journal of Digital Convergence  
The OAuth(Open Authorization) protocol which acquires the access privilege in which 3rd Party application is limited on the web service in order to resolve this inconvenience appeared.  ...  This OAuth protocol provides the service which is convenient and flexible to the user but has the security vulnerability about the authorization acquisition.  ...  Authorization Server는 Client와 User 정보를 인증한 후 [Fig. 1] OAuth 2.0 Protocol Flow 3.  ... 
doi:10.14400/jdc.2014.12.8.289 fatcat:xuto6avai5dvxmf73ihenb2ftm
« Previous Showing results 1 — 15 out of 2,229 results