A Security Analysis of OpenID

Abstract : OpenID, a standard for Web single sign-on, has been gaining popularity both with Identity Providers, Relying Parties, and users. This paper collects the security issues in OpenID found by others, occasionally extended by the authors, and presents them in a uniform way. It attempts to combine the shattered knowledge into a clear overview. The aim of this paper is to raise awareness about security issues surrounding OpenID and similar standards and help shape opinions on what (not) to expect from OpenID when deployed in a not-so-friendly context.
Type de document :
Communication dans un congrès
Elisabeth Leeuw; Simone Fischer-Hübner; Lothar Fritsch. Second IFIP WG 11.6 Working Conference on Policies and Reseach Management (IDMAN), Nov 2010, Oslo, Norway. Springer, IFIP Advances in Information and Communication Technology, AICT-343, pp.73-84, 2010, Policies and Research in Identity Management. 〈10.1007/978-3-642-17303-5_6〉
Liste complète des métadonnées

Littérature citée [15 références]  Voir  Masquer  Télécharger

https://hal.inria.fr/hal-01054399
Contributeur : Hal Ifip <>
Soumis le : mercredi 6 août 2014 - 15:47:51
Dernière modification le : vendredi 11 août 2017 - 15:05:18
Document(s) archivé(s) le : mercredi 26 novembre 2014 - 00:51:22

Fichier

paper.pdf
Fichiers produits par l'(les) auteur(s)

Licence


Distributed under a Creative Commons Paternité 4.0 International License

Identifiants

Citation

Bart Delft, Martijn Oostdijk. A Security Analysis of OpenID. Elisabeth Leeuw; Simone Fischer-Hübner; Lothar Fritsch. Second IFIP WG 11.6 Working Conference on Policies and Reseach Management (IDMAN), Nov 2010, Oslo, Norway. Springer, IFIP Advances in Information and Communication Technology, AICT-343, pp.73-84, 2010, Policies and Research in Identity Management. 〈10.1007/978-3-642-17303-5_6〉. 〈hal-01054399〉

Partager

Métriques

Consultations de la notice

442

Téléchargements de fichiers

812