Formal analysis of Facebook Connect Single Sign-On authentication protocol ?

  title={Formal analysis of Facebook Connect Single Sign-On authentication protocol ?},
  author={Marino Miculan and Caterina},
We present a formal analysis of the authentication protocol of Facebook Connect, the Single Sign-On service offered by the Facebook Platform which allows Facebook users to login to affiliated sites. Formal specification and verification have been carried out using the specification language HLPSL and AVISPA, a state-of-the-art verification tool for security protocols. AVISPA has revealed two security flaws, one of which (previously unheard of, up to our knowledge) allows an intruder to… CONTINUE READING
Highly Cited
This paper has 58 citations. REVIEW CITATIONS


Publications citing this paper.
Showing 1-10 of 29 extracted citations

SAuth: protecting user accounts from password database leaks

ACM Conference on Computer and Communications Security • 2013
View 4 Excerpts
Highly Influenced

Integrating OAuth with Information card systems

2011 7th International Conference on Information Assurance and Security (IAS) • 2011
View 2 Excerpts
Highly Influenced

Using Externals IdPs on OpenStack: A Security Analysis of OpenID Connect, Facebook Connect, and OpenStack Authentication

2018 IEEE 32nd International Conference on Advanced Information Networking and Applications (AINA) • 2018
View 1 Excerpt

58 Citations

Citations per Year
Semantic Scholar estimates that this publication has 58 citations based on the available data.

See our FAQ for additional information.


Publications referenced by this paper.
Showing 1-4 of 4 references

Social networks: Facebook takes over top spot, Twitter climbs

A. Kazeniac
Available at facebook-myspace-twitter-social-network/, • 2009
View 1 Excerpt