English
Related papers

Related papers: Exploring Privacy Implications in OAuth Deployment…

200 papers

Millions of users routinely use Google to log in to websites supporting OAuth 2.0 or OpenID Connect; the security of OAuth 2.0 and OpenID Connect is therefore of critical importance. As revealed in previous studies, in practice RPs often…

Cryptography and Security · Computer Science 2019-01-28 Wanpeng Li , Chris J Mitchell , Thomas Chen

Many millions of users routinely use their Google accounts to log in to relying party (RP) websites supporting the Google OpenID Connect service. OpenID Connect, a newly standardised single-sign-on protocol, builds an identity layer on top…

Cryptography and Security · Computer Science 2015-08-10 Wanpeng Li , Chris J Mitchell

Social network platforms are increasingly becoming identity providers and a media for showing multiple types of activity from third-party web sites. In this article, we analyze the services provided by seven of the most popular social…

Software Engineering · Computer Science 2012-07-25 Antonio Tapiador , Víctor Sánchez , Joaquín Salvachúa

Web users are increasingly presented with multiple login options, including password-based login and common web single sign-on (SSO) login options such as "Login with Google" and "Login with Facebook". There has been little focus in…

Human-Computer Interaction · Computer Science 2023-12-29 Srivathsan G. Morkonda , Sonia Chiasson , Paul C. van Oorschot

Single sign-on (SSO) systems, such as OpenID and OAuth, allow web sites, so-called relying parties (RPs), to delegate user authentication to identity providers (IdPs), such as Facebook or Google. These systems are very popular, as they…

Cryptography and Security · Computer Science 2015-08-10 Daniel Fett , Ralf Kuesters , Guido Schmitz

Anonymous Single-Sign-On authentication schemes have been proposed to allow users to access a service protected by a verifier without revealing their identity which has become more important due to the introduction of strong privacy…

Cryptography and Security · Computer Science 2018-04-20 Jinguang Han , Liqun Chen , Steve Schneider , Helen Treharne , Stephan Wesemeyer

Many millions of users routinely use their Google, Facebook and Microsoft accounts to log in to websites supporting OAuth 2.0 and/or OpenID Connect-based single sign on. The security of OAuth 2.0 and OpenID Connect is therefore of critical…

Cryptography and Security · Computer Science 2018-01-25 Wanpeng Li , Chris J Mitchell , Thomas Chen

The number of login options on web sites has increased since the introduction of web single sign-on (SSO) protocols. Web SSO services allow users to grant web sites or relying parties (RPs) access to their personal profile information from…

Cryptography and Security · Computer Science 2024-12-23 Srivathsan G. Morkonda , Sonia Chiasson , Paul C. van Oorschot

The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were…

Cryptography and Security · Computer Science 2019-01-31 Daniel Fett , Ralf Kuesters , Guido Schmitz

Online services like Google provide a variety of application programming interfaces (APIs). These online APIs enable authenticated third-party services and applications (apps) to access a user's account data for tasks such as single sign-on…

Cryptography and Security · Computer Science 2021-11-08 David G. Balash , Xiaoyuan Wu , Miles Grant , Irwin Reyes , Adam J. Aviv

OAuth 2.0 is a popular authorization framework that allows third-party clients such as websites and mobile apps to request limited access to a user's account on another application. The specification classifies clients into different types…

Cryptography and Security · Computer Science 2023-08-03 Jaimandeep Singh , Naveen Kumar Chaudhary

Most OAuth service providers, such as Google and Microsoft, offer only a limited range of coarse-grained data access. As a result, third-party OAuth applications often end up accessing more user data than necessary, even if their developers…

Cryptography and Security · Computer Science 2026-03-12 Qiyu Li , Yuhe Tian , Haojian Jin

Voice assistant applications have become omniscient nowadays. Two models that provide the two most important functions for real-life applications (i.e., Google Home, Amazon Alexa, Siri, etc.) are Automatic Speech Recognition (ASR) models…

Cryptography and Security · Computer Science 2023-04-20 Jingjin Li , Chao chen , Lei Pan , Mostafa Rahimi Azghadi , Hossein Ghodosi , Jun Zhang

The new information and communication technology providers collect increasing amounts of personal data, a lot of which is user generated. Unless use policies are privacy-friendly, this leaves users vulnerable to privacy risks such as…

Computers and Society · Computer Science 2020-05-20 Jana Korunovska , Bernadette Kamleitner , Sarah Spiekermann

OAuth is the new de facto standard for delegating authorization in the web. An important limitation of OAuth is the fact that it was designed for authorization and not for authentication. The usage of OAuth for authentication thus leads to…

Cryptography and Security · Computer Science 2016-01-08 Vladislav Mladenov , Christian Mainka , Jörg Schwenk

Choosing authentication schemes for a specific purpose is challenging for service providers, developers, and researchers. Previous ratings of technical and objective aspects showed that available schemes all have strengths and limitations.…

Human-Computer Interaction · Computer Science 2022-09-29 Verena Zimmermann , Paul Gerber , Alina Stöver

Privacy in Online Social Networks (OSNs) evolved from a niche topic to a broadly discussed issue in a wide variety of media. Nevertheless, OSNs drastically increase the amount of information that can be found about individuals on the web.…

Social and Information Networks · Computer Science 2015-05-25 Thomas Paul , Daniel Puscher , Thorsten Strufe

Voice Assistants (VA) such as Amazon Alexa and Google Assistant are quickly and seamlessly integrating into people's daily lives. The increased reliance on VA services raises privacy concerns such as the leakage of private conversations and…

Cryptography and Security · Computer Science 2020-07-30 Song Liao , Christin Wilson , Long Cheng , Hongxin Hu , Huixing Deng

Modern websites frequently use and embed third-party services to facilitate web development, connect to social media, or for monetization. This often introduces privacy issues as the inclusion of third-party services on a website can allow…

Human-Computer Interaction · Computer Science 2022-10-05 Christine Utz , Sabrina Amft , Martin Degeling , Thorsten Holz , Sascha Fahl , Florian Schaub

Many companies, including Google, Amazon, and Apple, offer voice assistants as a convenient solution for answering general voice queries and accessing their services. These voice assistants have gained popularity and can be easily accessed…

Human-Computer Interaction · Computer Science 2024-09-16 Tina Khezresmaeilzadeh , Elaine Zhu , Kiersten Grieco , Daniel J. Dubois , Konstantinos Psounis , David Choffnes
‹ Prev 1 2 3 10 Next ›