User authentication can be compromised both by subverting the system and by subverting the user; the threat modelling of the former is well studied, the latter less so. We propose a method to determine opportunities to subvert the user allowing vulnerabilities to be systematically identified. The method is applied to VeriSign's OpenID authentication mechanism. © 2008 Springer Berlin Heidelberg.
CITATION STYLE
Dong, X., Clark, J. A., & Jacob, J. L. (2008). Threat modelling in user performed authentication. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 5308 LNCS, pp. 49–64). Springer Verlag. https://doi.org/10.1007/978-3-540-88625-9_4
Mendeley helps you to discover research relevant for your work.