Self-Verifying Authentication – A Framework For Safer Integrations of Single-Sign-On Services

Дата: 08.01.2020. Автор: CISO CLUB. Категории: Подкасты и видео по информационной безопасности

In this talk, we will first show and explain a number of SSO bugs that we discovered. They pinpoint the natural gaps between the perspectives of a protocol designer, an SDK provider and a regular website programmer. None of them can be called a «stupid bug». Then, we explain how SVX performs code verification, as well as the architecture of the SVAuth code. Finally, we give demos about real-world web apps using SVAuth.

By Shuo Chen & Shaz Qadeer & Matt McCutchen & Phuong Cao & Ravishankar Iyer

Full Abstract & Presentation Materials: https://www.blackhat.com/eu-17/briefings.html#self-verifying-authentication—a-framework-for-safer-integrations-of-single-sign-on-services

CISO CLUB

Об авторе CISO CLUB

Редакция портала cisoclub.ru. Добавляйте ваш материал на сайт в разделе "Разместить публикацию".
Читать все записи автора CISO CLUB

Добавить комментарий

Ваш адрес email не будет опубликован. Обязательные поля помечены *