A copy of this work was available on the public web and has been preserved in the Wayback Machine. The capture dates from 2012; you can also visit the original URL.
The file type is application/pdf
.
Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services
2012
2012 IEEE Symposium on Security and Privacy
With the boom of software-as-a-service and social networking, web-based single sign-on (SSO) schemes are being deployed by more and more commercial websites to safeguard diverse web resources, ranging from emails and social contents to business documents. Although prior research shows that formal verification of SSO protocols can detect protocol-level flaws, little has been done to analyze the security quality of these commercially deployed systems, which faces unique technical challenges,
doi:10.1109/sp.2012.30
dblp:conf/sp/WangCW12
fatcat:f2pjztogybbyjffexvu6sblvae