Hasan Imam Sohag - Academia.edu

Papers by Hasan Imam Sohag

OAuth 2.0

Advances in Wireless Technologies and Telecommunication, 2020

OAuth is an open security standard that enables users to provide specific and time-bound rights to an application to access protected user resources stored on some external resource servers, without needing them to share their credentials with the application. Unlike websites, for locally installed packaged web applications, the main security challenge is to handle the redirect response. The OAuth flow initiated from packaged web apps is similar to the OAuth flows explained in the current literature. However, for packaged web apps, it is difficult to define an HTTP endpoint as the redirection endpoint since these apps are locally installed. The authors have proposed a novel method to execute the OAuth flow from such applications with the help of a web runtime framework that manages the life cycle of these applications. They have compared their approach with two other existing approaches. After conducting experiments, they have found their approach blocking all illegal OAuth flow execut...


OAuth-SSO: A Framework to Secure the OAuth-Based SSO Service for Packaged Web Applications

2018 17th IEEE International Conference On Trust, Security And Privacy In Computing And Communications/ 12th IEEE International Conference On Big Data Science And Engineering (TrustCom/BigDataSE), 2018

OAuth 2.0 is an authorization protocol that provides authorization on the Web. Popular social networks like Facebook, Google and Twitter base their APIs on the OAuth protocol to improve the user experience of SSO and social sharing. It is an open standard for authorization and gives a process for third-party applications to obtain users' resources on the resource servers without sharing their login credentials. Single sign-on (SSO) is an identification method that allows websites to rely on other sites to confirm users. OAuth 2.0 is broadly used in Single Sign-On (SSO) services because of its simple implementation and compatibility with a wide variety of third-party applications. It has been proved secure under different formal methods, but some vulnerabilities have been revealed in practice. In this paper, we present a general approach to improve the security of OAuth-based SSO service for packaged web apps. This paper proposes a modified method to execute the OAuth flow from such applications with the help of single sign-on (SSO) that manages the life cycle of these applications.
