AI, Data Science & Cloud Certificates from Google, IBM & Meta — 40% Off
One plan covers every Professional Certificate on Coursera. 40% off Coursera Plus Annual.
Unlock All Certificates
Explore a comprehensive formal security analysis of OAuth 2.0 in this 25-minute conference talk presented at CCS 2016, the 23rd ACM Conference on Computer and Communications Security. Delve into the contributions, formal analysis methods, and web application standards discussed by authors Daniel Fett, Ralf Küsters, and Guido Schmitz from the University of Trier. Examine the web model, browser model, and limitations of OAuth 2.0. Investigate various OAuth modes, multiple IdPs, and key security properties including authorization, authentication, and session integrity. Uncover potential attacks, such as the 307 Redirect Attack and IdP Mix-Up Attack, along with their mitigation strategies. Gain insights into the security proof assumptions, network attacker scenarios, and related work in the field of OAuth 2.0 security analysis.
