[go: up one dir, main page]
More Web Proxy on the site http://driver.im/

Shehab et al., 2014 - Google Patents

Towards enhancing the security of oauth implementations in smart phones

Shehab et al., 2014

View PDF
Document ID
17888621808561434323
Author
Shehab M
Mohsen F
Publication year
Publication venue
2014 IEEE International Conference on Mobile Services

External Links

Snippet

With the roaring growth and wide adoption of smart mobile devices, users are continuously integrating with culture of the mobile applications (apps). These apps are not only gaining access to information on the smartphone but they are also able gain users' authorization to …
Continue reading at liisp.uncc.edu (PDF) (other versions)

Classifications

    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W4/00Mobile application services or facilities specially adapted for wireless communication networks
    • H04W4/003Mobile application execution environments for application services, e.g. communicating with application store or appstore servers in the application service network and vice versa, 3GPP SIM Application toolkit [SAT], 3GPP OSA or 3GPP MEXE
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/08Access security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to network resources
    • H04L63/105Multiple levels of security
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/08Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network
    • H04L63/0853Network architectures or network communication protocols for network security for supporting authentication of entities communicating through a packet data network using an additional device, e.g. smartcard, SIM or a different communication terminal
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/06Authentication
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/10Network architectures or network communication protocols for network security for controlling access to network resources
    • H04L63/102Entity profiles
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/20Network architectures or network communication protocols for network security for managing network security; network security policies in general
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/04Network architectures or network communication protocols for network security for providing a confidential data exchange among entities communicating through data packet networks
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W4/00Mobile application services or facilities specially adapted for wireless communication networks
    • H04W4/001Provisioning or reconfiguring application services, e.g. OMA DM
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L63/00Network architectures or network communication protocols for network security
    • H04L63/02Network architectures or network communication protocols for network security for separating internal from external traffic, e.g. firewalls
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W12/00Security arrangements, e.g. access security or fraud detection; Authentication, e.g. verifying user identity or authorisation; Protecting privacy or anonymity
    • H04W12/02Protecting privacy or anonymity
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L67/00Network-specific arrangements or communication protocols supporting networked applications
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W8/00Network data management
    • H04W8/22Processing or transfer of terminal data, e.g. status or physical capabilities
    • H04W8/24Transfer of terminal data
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W76/00Connection management, e.g. connection set-up, manipulation or release
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W88/00Devices specially adapted for wireless communication networks, e.g. terminals, base stations or access point devices
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04WWIRELESS COMMUNICATIONS NETWORKS
    • H04W72/00Local resource management, e.g. wireless traffic scheduling or selection or allocation of wireless resources
    • H04W72/04Wireless resource allocation
    • HELECTRICITY
    • H04ELECTRIC COMMUNICATION TECHNIQUE
    • H04LTRANSMISSION OF DIGITAL INFORMATION, e.g. TELEGRAPHIC COMMUNICATION
    • H04L27/00Modulated-carrier systems

Similar Documents

Publication Publication Date Title
Shehab et al. Towards enhancing the security of oauth implementations in smart phones
US11720666B2 (en) Application-level sandboxing on devices
Konoth et al. How anywhere computing just killed your phone-based two-factor authentication
Wang et al. Unauthorized origin crossing on mobile platforms: Threats and mitigation
Sun et al. The devil is in the (implementation) details: an empirical analysis of OAuth SSO systems
US10848571B2 (en) Systems and methods for consistent enforcement policy across different SaaS applications via embedded browser
US20150007283A1 (en) Delegating authentication for a web service
Bhavani Cross-site scripting attacks on android webview
Bui et al. {Man-in-the-Machine}: Exploiting {Ill-Secured} Communication Inside the Computer
Bursztein et al. Sessionjuggler: secure web login from an untrusted terminal using session hijacking
Bauer et al. Analyzing the dangers posed by Chrome extensions
Wang et al. One Size Does Not Fit All: Uncovering and Exploiting Cross Platform Discrepant {APIs} in {WeChat}
Praitheeshan et al. Attainable hacks on Keystore files in Ethereum wallets—A systematic analysis
US10897458B1 (en) Enhancing secure client experience through selective encryption of cookies
Tian et al. All your screens are belong to us: attacks exploiting the html5 screen sharing api
Vasileios Grammatopoulos et al. A web tool for analyzing FIDO2/WebAuthn Requests and Responses
De Ryck et al. Primer on client-side web security
Saini et al. Colluding browser extension attack on user privacy and its implication for web browsers
Mohsen et al. Hardening the oauth-webview implementations in android applications by re-factoring the chromium library
Mayer et al. Guardians of the clouds: When identity providers fail
Beer et al. Tabbed Out: Subverting the Android Custom Tab Security Model
Aldoseri et al. insecure://vulnerability analysis of URI scheme handling in android mobile browsers
Xiao et al. Privilege leakage and information stealing through the android task mechanism
Huszti Security Analysis of Android Applications
Shafqat et al. Assessing the Feasibility of the Virtual Smartphone Paradigm in Countering Zero-Click Attacks.