Yang et al., 2018 - Google Patents
Vetting Single {Sign-On}{SDK} Implementations via Symbolic ReasoningYang et al., 2018
View PDF- Document ID
- 15056792118889870672
- Author
- Yang R
- Lau W
- Chen J
- Zhang K
- Publication year
- Publication venue
- 27th USENIX Security Symposium (USENIX Security 18)
External Links
Snippet
Encouraged by the rapid adoption of Single Sign-On (SSO) technology in web services, mainstream identity providers, such as Facebook and Google, have developed Software Development Kits (SDKs) to facilitate the implementation of SSO for 3rd-party application …
- 230000000694 effects 0 abstract description 5
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F11/00—Error detection; Error correction; Monitoring
- G06F11/36—Preventing errors by testing or debugging software
- G06F11/3668—Software testing
- G06F11/3672—Test management
- G06F11/3688—Test management for test execution, e.g. scheduling of test suites
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Datta et al. | Valve: Securing function workflows on serverless computing platforms | |
| Alwan et al. | Detection and prevention of SQL injection attack: a survey | |
| Li et al. | A survey on server-side approaches to securing web applications | |
| Johari et al. | A survey on web application vulnerabilities (SQLIA, XSS) exploitation and security engine for SQL injection | |
| Blankstein et al. | Automating isolation and least privilege in web services | |
| Yang et al. | Vetting Single {Sign-On}{SDK} Implementations via Symbolic Reasoning | |
| Almorsy et al. | Supporting automated vulnerability analysis using formalized vulnerability signatures | |
| Bhargavan et al. | Language-based defenses against untrusted browser origins | |
| Yang et al. | Study and mitigation of origin stripping vulnerabilities in hybrid-postmessage enabled mobile applications | |
| Yang et al. | Automated generation of event-oriented exploits in android hybrid apps | |
| Schuster et al. | Towards reducing the attack surface of software backdoors | |
| Steffens et al. | Pmforce: Systematically analyzing postmessage handlers at scale | |
| Marijan et al. | Blockchain verification and validation: Techniques, challenges, and research directions | |
| Chaleshtari et al. | Metamorphic testing for web system security | |
| Khodayari et al. | The Great Request Robbery: An Empirical Study of Client-side Request Hijacking Vulnerabilities on the Web | |
| Bozic et al. | Planning-based security testing of web applications | |
| Lincke | Understanding Software Threats and Vulnerabilities | |
| Araujo | Engineering cyber-deceptive software | |
| Huszti | Security Analysis of Android Applications | |
| Nunes | Blended security analysis for web applications: Techniques and tools | |
| Veronese | Run-time Prevention of Logic Flaws in Multi-Party Web Applications | |
| Jnena | Modern approach for web applications vulnerability analysis | |
| Cordella et al. | Web application penetration testing: an analysis of a corporate application according to owasp guide-lines | |
| Titze | Analysis and Mitigation of Security Issues on Android | |
| Patten | A Flexible FPGA-Assisted Framework for Remote Attestation of Internet Connected Embedded Devices |