Wu, 2023 - Google Patents
Authentication in Web ApplicationsWu, 2023
View PDF- Document ID
- 17760010632827228105
- Author
- Wu I
- Publication year
External Links
Snippet
The goal of this thesis is to explore web service authentication methods in the context of modern web applications. As web services continue to be integral components of today's digital landscape, the need for simple but secure authentication is essential. This study aims …
- 238000000034 method 0 abstract description 34
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/34—User authentication involving the use of external additional devices, e.g. dongles or smart cards
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/32—User authentication using biometric data, e.g. fingerprints, iris scans or voiceprints
-
- H—ELECTRICITY
- H04—ELECTRIC COMMUNICATION TECHNIQUE
- H04L—TRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
- H04L63/00—Network architectures or network communication protocols for network security
- H04L63/08—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
- H04L63/083—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords
- H04L63/0838—Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using passwords using one-time-passwords
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/33—User authentication using certificates
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/30—Authentication, i.e. establishing the identity or authorisation of security principals
- G06F21/31—User authentication
- G06F21/316—User authentication by observing the pattern of computer usage, e.g. typical user behaviour
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| US11329989B2 (en) | Token-based access control and grouping | |
| Li et al. | The {Emperor’s} new password manager: Security analysis of web-based password managers | |
| Lodderstedt et al. | OAuth 2.0 threat model and security considerations | |
| Fett et al. | A comprehensive formal security analysis of OAuth 2.0 | |
| US10715514B1 (en) | Token-based credential renewal service | |
| Naik et al. | Securing digital identities in the cloud by selecting an apposite Federated Identity Management from SAML, OAuth and OpenID Connect | |
| US10673862B1 (en) | Token-based access tracking and revocation | |
| Fett et al. | Spresso: A secure, privacy-respecting single sign-on system for the web | |
| US10846432B2 (en) | Secure data leak detection | |
| US10218691B2 (en) | Single sign-on framework for browser-based applications and native applications | |
| Fett et al. | An extensive formal security analysis of the openid financial-grade api | |
| US10320771B2 (en) | Single sign-on framework for browser-based applications and native applications | |
| US10454949B2 (en) | Guarding against cross-site request forgery (CSRF) attacks | |
| Singh et al. | OAuth 2.0: Architectural design augmentation for mitigation of common security vulnerabilities | |
| Hossain et al. | OAuth-SSO: A framework to secure the OAuth-based SSO service for packaged web applications | |
| Chandra et al. | Authentication and authorization mechanism for cloud security | |
| Lepofsky | The manager's guide to web application security: a concise guide to the weaker side of the web | |
| Mayer et al. | Guardians of the clouds: When identity providers fail | |
| Binu et al. | A mobile based remote user authentication scheme without verifier table for cloud based services | |
| Liu et al. | Account Lockouts: Characterizing and Preventing Account Denial-of-Service Attacks | |
| Jones et al. | OAuth 2.0 dynamic client registration protocol | |
| Wu | Authentication in Web Applications | |
| Maidine et al. | Cloud Identity Management Mechanisms and Issues | |
| Ghazizadeh et al. | Secure OpenID authentication model by using Trusted Computing | |
| Holtmann | Single Sign-On Security: Security Analysis of Real-Life OpenID Connect Implementations |