Cyber-physical systems security: a systematic mapping study
Cyber-physical systems are integrations of computation, networking, and physical
processes. Due to the tight cyber-physical coupling and to the potentially disrupting …
processes. Due to the tight cyber-physical coupling and to the potentially disrupting …
SoK: SSO-MONITOR-The Current State and Future Research Directions in Single Sign-on Security Measurements
Single Sign-On (SSO) with OAuth 2.0 and OpenID Connect 1.0 is essential for user
authentication and autho-rization on the Internet. Billions of users rely on SSO services …
authentication and autho-rization on the Internet. Billions of users rely on SSO services …
SoK: single sign-on security—an evaluation of openID connect
OpenID Connect is the OAuth 2.0-based replacement for OpenID 2.0 (OpenID) and one of
the most important Single Sign-On (SSO) protocols used for delegated authentication. It is …
the most important Single Sign-On (SSO) protocols used for delegated authentication. It is …
DISTINCT: identity theft using in-browser communications in dual-window single sign-on
Single Sign-On (SSO) protocols like OAuth 2.0 and OpenID Connect 1.0 are cornerstones of
modern web security, and have received much academic attention. Users sign in at a trusted …
modern web security, and have received much academic attention. Users sign in at a trusted …
Do not trust me: Using malicious IdPs for analyzing and attacking single sign-on
C Mainka, V Mladenov… - 2016 IEEE European …, 2016 - ieeexplore.ieee.org
Single Sign-On (SSO) systems simplify login procedures by using an Identity Provider (IdP)
to issue authentication tokens which can be consumed by Service Providers (SPs) …
to issue authentication tokens which can be consumed by Service Providers (SPs) …
Security analysis of {eIDAS}–The {Cross-Country} authentication scheme in Europe
N Engelbertz, N Erinola, D Herring… - 12th USENIX Workshop …, 2018 - usenix.org
In 2014, the European Commission released the eIDAS regulation to target the compatibility
of cross-country electronic services within the European Union. eIDAS (electronic …
of cross-country electronic services within the European Union. eIDAS (electronic …
Every Signature is Broken: On the Insecurity of Microsoft {Office's}{OOXML} Signatures
Microsoft Office is one of the most widely used applications for office documents. For
documents of prime importance, such as contracts and invoices, the content can be signed …
documents of prime importance, such as contracts and invoices, the content can be signed …
Oops... Code Execution and Content Spoofing: The First Comprehensive Analysis of {OpenDocument} Signatures
OpenDocument is one of the major standards for interoperable office documents. Supported
by office suites like Apache OpenOffice, LibreOffice, and Microsoft Office, the …
by office suites like Apache OpenOffice, LibreOffice, and Microsoft Office, the …
On the security of modern single sign-on protocols: Second-order vulnerabilities in openid connect
OAuth is the new de facto standard for delegating authorization in the web. An important
limitation of OAuth is the fact that it was designed for authorization and not for authentication …
limitation of OAuth is the fact that it was designed for authorization and not for authentication …
How to Break {XML} Encryption–Automatically
In the recent years, XML Encryption became a target of several new attacks. These attacks
belong to the family of adaptive chosen-ciphertext attacks, and allow an adversary to decrypt …
belong to the family of adaptive chosen-ciphertext attacks, and allow an adversary to decrypt …