Google, IBM & Meta Certificates — All 10,000+ Courses at 40% Off
One annual plan covers every course and certificate on Coursera. 40% off for a limited time.
Get Full Access
Explore a comprehensive formal security analysis of OAuth 2.0 in this 25-minute conference talk presented at CCS 2016, the 23rd ACM Conference on Computer and Communications Security. Delve into the contributions, formal analysis methods, and web application standards discussed by authors Daniel Fett, Ralf Küsters, and Guido Schmitz from the University of Trier. Examine the web model, browser model, and limitations of OAuth 2.0. Investigate various OAuth modes, multiple IdPs, and key security properties including authorization, authentication, and session integrity. Uncover potential attacks, such as the 307 Redirect Attack and IdP Mix-Up Attack, along with their mitigation strategies. Gain insights into the security proof assumptions, network attacker scenarios, and related work in the field of OAuth 2.0 security analysis.
