A Framework for Formal Analysis of Privacy on SSO Protocols

Single Sign-on (SSO) protocols, which allow a website to authenticate its users via accounts registered with another website, form the basis of user identity management in contemporary websites. Given the critical role they play in safeguarding privacy-sensitive web services and user data, SSO protocols deserve rigorous formal verification. In this work, we provide a framework that facilitates formal modeling of SSO protocols and analysis of their privacy property. Our framework incorporates a formal model of the web infrastructure (e.g., network and browsers), a set of attacker models (e.g., a malicious IDP), and a formalization of the privacy property with respect to SSO protocols. Our analysis has identified a new type of attack that allows malicious participants to learn which websites the victim users have logged in to.