Related papers: OAuthHub: Mitigating OAuth Data Overaccess through…
Single sign-on authentication systems such as OAuth 2.0 are widely used in web services. They allow users to use accounts registered with major identity providers such as Google and Facebook to login on multiple services (relying parties).…
OAuth 2.0 is the industry-standard protocol for authorization. It facilitates secure service provisioning, as well as secure interoperability among diverse stakeholders. All OAuth 2.0 protocol flows result in the creation of an access…
OAuth is the new de facto standard for delegating authorization in the web. An important limitation of OAuth is the fact that it was designed for authorization and not for authentication. The usage of OAuth for authentication thus leads to…
As the popularity of Internet of Things (IoT) platforms grows, users gain unprecedented control over their homes, health monitoring, and daily task automation. However, the testing of software for these platforms poses significant…
Authentication and authorization are two key elements of a software application. In modern day, OAuth 2.0 framework and OpenID Connect protocol are widely adopted standards fulfilling these requirements. These protocols are implemented into…
The rapid increase in the adoption of Internet-of-Things (IoT) devices raises critical privacy concerns as these devices can access a variety of sensitive data. The current status quo of relying on manufacturers' cloud services to process…
With recent elevated adaptation of cloud services in almost every major public sector, the health sector emerges as a vulnerable segment, particularly in data exchange of sensitive Health records, as determining the retention, exchange, and…
Millions of users routinely use Google to log in to websites supporting OAuth 2.0 or OpenID Connect; the security of OAuth 2.0 and OpenID Connect is therefore of critical importance. As revealed in previous studies, in practice RPs often…
GitHub provides developers with a practical way to distribute source code and collaboratively work on common projects. To enhance account security and privacy, GitHub allows its users to manage access permissions, review audit logs, and…
The diversity of data management systems affords developers the luxury of building systems with heterogeneous systems that address needs that are unique to the data. It allows one to mix-n-match systems that can store, query, update, and…
The immense shift to cloud computing has brought changes in security and privacy requirements, impacting critical Identity Management services. Currently, many IdM systems and solutions are accessible as cloud services, delivering identity…
Accessing data from distributed computing is essential in many workflows, but can be complicated for users of cyberinfrastructure. They must perform multiple steps to make data available to distributed computing using unfamiliar tools.…
Currently, there are over 14 billion IoT devices [7], and with many devices come many protocols, the main ones being MQTT and CoAP. We are interested in connecting the many diverse IoT devices to the cloud. To do so, we use the middleware…
The Open Data Protocol (OData) provides a standardized approach for building and consuming RESTful APIs with rich query capabilities. Despite its power and maturity, OData adoption remains confined primarily to enterprise environments,…
The OAuth 2.0 protocol is one of the most widely deployed authorization/single sign-on (SSO) protocols and also serves as the foundation for the new SSO standard OpenID Connect. Despite the popularity of OAuth, so far analysis efforts were…
Cloud computing has fundamentally transformed application development, yet a gap remains between the serverless promise of simplified deployment and its practical realization due to fragmentation across function runtimes, state management,…
The Internet of Things (IoT) envisions that objects may be connected to the Internet, producing and consuming data in real-time. Today, numerous middleware platforms are available to facilitate the communication with these objects.…
Thanks to the advent of the Internet, it is now possible to easily share vast amounts of electronic information and computer resources (which include hardware, computer services, etc.) in open distributed environments. These environments…
The widespread adoption of cloud computing has resulted in the proliferation of open source cloud computing frameworks that give more control to enterprises over their data and networks. Though the benefits of open source software are…
The IoT ecosystem suffers from a variety of problems around security, identity, access control, data flow and data storage that introduce friction into interactions between various parties. In many respects, the situation is similar to the…