SSO Research Papers - Academia.edu (original) (raw)

The OAuth 2.0 is an authorization protocol gives authorization on the Web. Popular social networks like Facebook, Google and Twitter make their APIs based on the OAuth protocol to increase user experience of SSO and social sharing. It is... more

The OAuth 2.0 is an authorization protocol gives authorization on the Web. Popular social networks like Facebook, Google and Twitter make their APIs based on the OAuth protocol to increase user experience of SSO and social sharing. It is an open standard for authorization and gives a process for third-party applications to obtain users' resources on the resource servers without sharing their login credentials. Single sign-on (SSO) is an identification method that makes allowance for websites to use other, rely on sites to confirm users. OAuth 2.0 is broadly used in Single Sign-On (SSO) service because of its simple implementation and coherence with a diversity of the third-party applications. It has been proved secure in different formal methods, but some vulnerabilities are revealed in practice. In this paper, we mention a general approach to improve the security of OAuth based SSO service for packaged web app. This paper proposes a modified method to execute OAuth flow from such applications with the help of Single sign-on (SSO) manages the life cycle of these applications.

Recently, driven by the enthusiasm spurred by the Open Innovation movement, also individual patentees as well as wealthy corporations holding valuable patent portfolios have started sharing their patented knowledge. Whether in the open... more

Recently, driven by the enthusiasm spurred by the Open Innovation movement, also individual patentees as
well as wealthy corporations holding valuable patent portfolios have started sharing their patented
knowledge. Whether in the open source software environment or in the fields of biosciences and green
technologies, during the last few years patent holders have been uniformizing the terms and conditions of
their licenses in order to facilitate the access to, the transfer as well as the use of their patents. Patent pledges
and covenants have thus become the keys to open patents. Actually, they have unlocked at least diverse
doors. Some pledges and covenants have contributed to create large “clubs of patentees” that are reciprocally
committed to share their patents. These clubs are inwardly open, but still closed towards the non-members.
Other pledges and covenants have set the grounds to make patents open toward whoever is interested in
them, on the main condition that this unknown re-user will make her own follow-on innovation be equally
open. The paper discusses the legal implications of these phenomena, their communalities and differences.

The OAuth 2.0 is an authorization protocol gives authorization on the Web. Popular social networks like Facebook, Google and Twitter make their APIs based on the OAuth protocol to increase user experience of SSO and social sharing. It is... more

The OAuth 2.0 is an authorization protocol gives authorization on the Web. Popular social networks like Facebook, Google and Twitter make their APIs based on the OAuth protocol to increase user experience of SSO and social sharing. It is an open standard for authorization and gives a process for third-party applications to obtain users' resources on the resource servers without sharing their login credentials. Single sign-on (SSO) is an identification method that makes allowance for websites to use other, rely on sites to confirm users. OAuth 2.0 is broadly used in Single Sign-On (SSO) service because of its simple implementation and coherence with a diversity of the third-party applications. It has been proved secure in different formal methods, but some vulnerabilities are revealed in practice. In this paper, we mention a general approach to improve the security of OAuth based SSO service for packaged web app. This paper proposes a modified method to execute OAuth flow from such applications with the help of Single sign-on (SSO) manages the life cycle of these applications.