A Survey of Security Analysis in Federated Identity Management
作者: Sean Simpson , Thomas Groß
DOI: 10.1007/978-3-319-55783-0_16
关键词:
摘要: We conduct a systematic survey of security analysis in Federated Identity Management (FIM). use categorisation system based off the Malicious and Accidental Fault Tolerance framework (MAFTIA) to categorise incidents FIM. When are categorised, we can paint picture landscape problems that have been studied outline happening across FIM protocols present solutions those as proposed by others.
springer.com
sci-hub.st 参考文章(41)
Rolf Oppliger, Microsoft .NET Passport and identity management Information Security Technical Report. ,vol. 9, pp. 26- 34 ,(2004) , 10.1016/S1363-4127(04)00013-5
Eugene Ferry, John O Raw, Kevin Curran, Security evaluation of the OAuth 2.0 framework Information and Computer Security. ,vol. 23, pp. 73- 101 ,(2015) , 10.1108/ICS-12-2013-0089
Zubair Ahmad, Jamalul-Lail Ab Manan, Suziah Sulaiman, Trusted Computing based open environment user authentication model international conference on advanced computer theory and engineering. ,vol. 6, ,(2010) , 10.1109/ICACTE.2010.5579171
Rui Wang, Shuo Chen, XiaoFeng Wang, Signing Me onto Your Accounts through Facebook and Google: A Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services ieee symposium on security and privacy. pp. 365- 379 ,(2012) , 10.1109/SP.2012.30
San-Tsai Sun, Kirstie Hawkey, Konstantin Beznosov, Systematically breaking and fixing OpenID security: Formal analysis, semi-automated empirical evaluation, and practical countermeasures Computers & Security. ,vol. 31, pp. 465- 483 ,(2012) , 10.1016/J.COSE.2012.02.005
B. Pfitzmann, M. Waidner, Analysis of liberty single-sign-on with enabled clients IEEE Internet Computing. ,vol. 7, pp. 38- 44 ,(2003) , 10.1109/MIC.2003.1250582
David P Kormann, Aviel D Rubin, Risks of the passport single signon protocol the web conference. ,vol. 33, pp. 51- 58 ,(2000) , 10.1016/S1389-1286(00)00048-7
Alessandro Armando, Roberto Carbone, Luca Compagna, Jorge Cuellar, Llanos Tobarra, Formal analysis of SAML 2.0 web browser single sign-on Proceedings of the 6th ACM workshop on Formal methods in security engineering - FMSE '08. pp. 1- 10 ,(2008) , 10.1145/1456396.1456397
Audun Jøsang, Simon Pope, James Dalziel, Brian Hay, John Fabre, Trust requirements in identity management grid computing. pp. 99- 108 ,(2005)
Slawomir Grzonkowski, Peter M. Corcoran, Thomas Coughlin, Security analysis of authentication protocols for next-generation mobile and CE cloud services international conference on consumer electronics berlin. pp. 83- 87 ,(2011) , 10.1109/ICCE-BERLIN.2011.6031855