On the Insecurity of Microsoft's Identity Metasystem
暂无分享,去创建一个
[1] Thomas Groß,et al. Security analysis of the SAML single sign-on browser/artifact profile , 2003, 19th Annual Computer Security Applications Conference, 2003. Proceedings..
[2] Desney S. Tan,et al. An Evaluation of Extended Validation and Picture-in-Picture Phishing Attacks , 2007, Financial Cryptography.
[3] Bogdan Warinschi,et al. A computational analysis of the Needham-Schroeder-(Lowe) protocol , 2003, 16th IEEE Computer Security Foundations Workshop, 2003. Proceedings..
[4] Christopher Allen,et al. The TLS Protocol Version 1.0 , 1999, RFC.
[5] David Chaum,et al. Undeniable Signatures , 1989, CRYPTO.
[6] Dan Boneh,et al. Protecting browsers from dns rebinding attacks , 2007, CCS '07.
[7] Amir Herzberg,et al. Why Johnny can't surf (safely)? Attacks and defenses for web users , 2009, Comput. Secur..
[8] David A. Wagner,et al. Dynamic pharming attacks and locked same-origin policies for web browsers , 2007, CCS '07.
[9] Rolf Oppliger,et al. SSL/TLS session-aware user authentication - Or how to effectively thwart the man-in-the-middle , 2006, Comput. Commun..
[10] Colin Boyd,et al. Protocols for Authentication and Key Establishment , 2003, Information Security and Cryptography.
[11] Christopher Krügel,et al. Noxes: a client-side solution for mitigating cross-site scripting attacks , 2006, SAC '06.
[12] Rolf Oppliger,et al. SSL/TLS Session-Aware User Authentication , 2008, Computer.
[13] Marti A. Hearst,et al. Why phishing works , 2006, CHI.
[14] Aviel D. Rubin,et al. Risks of the Passport single signon protocol , 2000, Comput. Networks.
[15] Andrew D. Gordon,et al. Verified implementations of the information card federated identity-management protocol , 2008, ASIACCS '08.
[16] Birgit Pfitzmann,et al. Analysis of Liberty Single-Sign-on with Enabled Clients , 2003, IEEE Internet Comput..
[17] Markus Jakobsson,et al. Drive-By Pharming , 2007, ICICS.
[18] Stuart E. Schechter,et al. The Emperor's New Security Indicators , 2007, 2007 IEEE Symposium on Security and Privacy (SP '07).