A Security Analysis of OpenID - Policies and Research in Identity Management
Conference Papers Year : 2010

A Security Analysis of OpenID

Bart Delft
  • Function : Author
Comp. Sci. Dept.
Martijn Oostdijk
  • Function : Author
Novay

Abstract

OpenID, a standard for Web single sign-on, has been gaining popularity both with Identity Providers, Relying Parties, and users. This paper collects the security issues in OpenID found by others, occasionally extended by the authors, and presents them in a uniform way. It attempts to combine the shattered knowledge into a clear overview. The aim of this paper is to raise awareness about security issues surrounding OpenID and similar standards and help shape opinions on what (not) to expect from OpenID when deployed in a not-so-friendly context.

Domains

Digital Libraries [cs.DL]
Fichier principal
Vignette du fichier
paper.pdf (158.91 Ko) Télécharger le fichier
Origin Files produced by the author(s)

Hal Ifip  : Connect in order to contact the contributor

https://inria.hal.science/hal-01054399

Submitted on : Wednesday, August 6, 2014-3:47:51 PM

Last modification on : Thursday, December 1, 2022-2:02:08 PM

Long-term archiving on : Wednesday, November 26, 2014-12:51:22 AM

Download

Dates and versions

hal-01054399 , version 1 (06-08-2014)

Licence

Attribution

Identifiers

Cite

Bart Delft, Martijn Oostdijk. A Security Analysis of OpenID. Second IFIP WG 11.6 Working Conference on Policies and Reseach Management (IDMAN), Nov 2010, Oslo, Norway. pp.73-84, ⟨10.1007/978-3-642-17303-5_6⟩. ⟨hal-01054399⟩

Export

BibTeX XML-TEI Dublin Core DC Terms EndNote DataCite

Collections

IFIP IFIP-AICT IFIP-AICT-343 IFIP-TC IFIP-WG IFIP-TC11 IFIP-WG11-6 IFIP-IDMAN
838 View
1209 Download

Altmetric

Share

More