Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization

@inproceedings{Wang2013ExplicatingSU,
  title={Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization},
  author={Rui Wang and Yuchen Zhou and Shuo Chen and Shaz Qadeer and David Evans and Yuri Gurevich},
  booktitle={USENIX Security Symposium},
  year={2013}
}
Most modern applications are empowered by online services, so application developers frequently implement authentication and authorization. Major online providers, such as Facebook and Microsoft, provide SDKs for incorporating authentication services. This paper considers whether those SDKs enable typical developers to build secure apps. Our work focuses on systematically explicating implicit assumptions that are necessary for secure use of an SDK. Understanding these assumptions depends… CONTINUE READING
Highly Cited
This paper has 77 citations. REVIEW CITATIONS
52 Citations
26 References
Similar Papers

Citations

Publications citing this paper.
Showing 1-10 of 52 extracted citations

77 Citations

01020'13'14'15'16'17'18
Citations per Year
Semantic Scholar estimates that this publication has 77 citations based on the available data.

See our FAQ for additional information.

References

Publications referenced by this paper.
Showing 1-10 of 26 references

Explicating SDKs : Uncovering Assumptions Underlying Secure Authentication and Authorization

  • Rui Wang, Yuchen Zhou, Shuo Chen, Shaz Qadeer, David Evans
  • IEEE Symposium on Security and Privacy
  • 2012

The Problem with OAuth for Authentication. http://www.thread-safe.com/2012/01/ problem-with-oauth-for-authentication.html

  • John Bradley
  • 2012
1 Excerpt

Similar Papers

Loading similar papers…