Publication: OVERSCAN: OAuth 2.0 Scanner for Missing Parameters
| dc.contributor.author | Karin Sumongkayothin | en_US |
| dc.contributor.author | Pakpoom Rachtrachoo | en_US |
| dc.contributor.author | Arnuphap Yupuech | en_US |
| dc.contributor.author | Kasidit Siriporn | en_US |
| dc.contributor.other | Mahidol University | en_US |
| dc.date.accessioned | 2020-01-27T08:22:55Z | |
| dc.date.available | 2020-01-27T08:22:55Z | |
| dc.date.issued | 2019-01-01 | en_US |
| dc.description.abstract | © 2019, Springer Nature Switzerland AG. The websites are developed rapidly and wildly used by people around the world. The main reason is the increase of the immense number of internet users, which results in the security control of accessing sensitive information is necessary. The authorization server as the one security aspect which controls the access permission to the system. Many authentication protocols were proposed to meet these functional requirements. The open-standard authorization (OAuth) protocol is one of the well-known solutions widely used. However, many developers still misuse this protocol, which can cause security breaches. This paper proposes a tool named OVERSCAN, which is an OAuth2.0 scanner for misused or missing parameters. The experiments of using OVERSCAN have been conducted over 45 samples supporting OAuth2.0 protocol. The results show that 84.4% of samples lack significant parameters which can cause security problems. | en_US |
| dc.identifier.citation | Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics). Vol.11928 LNCS, (2019), 221-233 | en_US |
| dc.identifier.doi | 10.1007/978-3-030-36938-5_13 | en_US |
| dc.identifier.issn | 16113349 | en_US |
| dc.identifier.issn | 03029743 | en_US |
| dc.identifier.other | 2-s2.0-85076990787 | en_US |
| dc.identifier.uri | https://repository.li.mahidol.ac.th/handle/20.500.14594/50669 | |
| dc.rights | Mahidol University | en_US |
| dc.rights.holder | SCOPUS | en_US |
| dc.source.uri | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85076990787&origin=inward | en_US |
| dc.subject | Computer Science | en_US |
| dc.subject | Mathematics | en_US |
| dc.title | OVERSCAN: OAuth 2.0 Scanner for Missing Parameters | en_US |
| dc.type | Conference Paper | en_US |
| dspace.entity.type | Publication | |
| mu.datasource.scopus | https://www.scopus.com/inward/record.uri?partnerID=HzOxMe3b&scp=85076990787&origin=inward | en_US |