暂无分享,去创建一个
Jörg Schwenk | Vladislav Mladenov | Christian Mainka | Florian Feldmann | Julian Krautwald | Jörg Schwenk | Vladislav Mladenov | Christian Mainka | Florian Feldmann | Julian Krautwald
[1] Jerome H. Saltzer,et al. Kerberos authentication and authorization system , 1987 .
[2] Cormac Herley,et al. A large-scale study of web password habits , 2007, WWW '07.
[3] Collin Jackson,et al. Securing frame communication in browsers , 2008, CACM.
[4] Dawn Xiaodong Song,et al. Towards a Formal Foundation of Web Security , 2010, 2010 23rd IEEE Computer Security Foundations Symposium.
[5] XiaoFeng Wang,et al. Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services , 2012, 2012 IEEE Symposium on Security and Privacy.
[6] Konstantin Beznosov,et al. The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems , 2012, CCS.
[7] J. Bradley,et al. JSON Web Token (JWT) draft-ietf-oauth-json-web-token-02 , 2013 .
[8] Yuri Gurevich,et al. Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization , 2013, USENIX Security Symposium.
[9] N. Sakimura,et al. JSON Web Signature (JWS) draft-ietf-jose-json-web-signature-11 , 2013 .
[10] Dawn Xiaodong Song,et al. The Emperor's New Password Manager: Security Analysis of Web-based Password Managers , 2014, USENIX Security Symposium.
[11] Christopher Krügel,et al. Protecting Web-Based Single Sign-on Protocols against Relying Party Impersonation Attacks through a Dedicated Bi-directional Authenticated Secure Channel , 2014, RAID.
[12] Yuchen Zhou,et al. SSOScan: Automated Testing of Web Applications for Single Sign-On Vulnerabilities , 2014, USENIX Security Symposium.
[13] Yuan Tian,et al. OAuth Demystified for Mobile Application Developers , 2014, CCS.