Verifying OAuth implementations through encrypted network analysis


Abstract

Verifying protocol implementations via application analysis can be cumbersome. Rapid development cycles of both the protocol and the applications that use it can hinder up-to-date analysis. A better approach is to use formal models to characterize the application platform and then verify the protocol through analysis of the network traffic tied to the models. To test this method, the popular protocol OAuth is considered. Currently, formal models of OAuth do not take into consideration the mobile environment, and implementation verification is largely based on code analysis. Our preliminary results are twofold: we sketch an extension to a formal model that incorporates the specifics of the Android platform, and we classify OAuth device types using machine learning on encrypted VPN traffic.

Citation (APA)

Talkington, J., Dantu, R., & Morozov, K. (2019). Verifying OAuth implementations through encrypted network analysis. In Proceedings of ACM Symposium on Access Control Models and Technologies, SACMAT (pp. 227–229). Association for Computing Machinery. https://doi.org/10.1145/3322431.3326449
