Evaluation of an OAuth 2.0 Protocol Implementation for Web Server Applications

被引：0

作者：

Darwish, Marwan ^{[1
]}

Ouda, Abdelkader ^{[1
]}

机构：

[1] Univ Western Ontario, Dept Elect & Comp Engn, London, ON, Canada

来源：

2015 INTERNATIONAL CONFERENCE AND WORKSHOP ON COMPUTING AND COMMUNICATION (IEMCON) | 2015年

关键词：

OAuth; 2.0; protocol; web; server; applications;

D O I：

暂无

中图分类号：

TP301 [理论、方法];

学科分类号：

081202 ;

摘要：

OAuth 2.0 is one of the protocols that are most commonly implemented as an authorization framework currently. This is because it has many advantages, one of which is its ability to be flexibly implemented on different systems and for different purposes. This work evaluates the implementation of Google's OAuth 2.0 for web server applications. This evaluation indicates that the implementation of Google's OAuth 2.0 protocol may lead to a security flaw that exploits low to medium size web servers. This threat might occur by exhausting the storage resources of the web server and making its applications unavailable. In addition, a number of recommendations are made to help protect against this type of threat when an OAuth 2.0 authorization protocol is implemented on web application servers.

引用

页数：4

共 50 条

[21] Design and Implementation of Embedded Web Server
Xiao, Jie
Zeng, FenShi
PROCEEDINGS OF 2012 7TH INTERNATIONAL CONFERENCE ON COMPUTER SCIENCE & EDUCATION, VOLS I-VI, 2012, : 479 - 482
[22] Text of epoch of web server 2.0: a psycholinguistic analysis
Goroshko, E. I.
PSYCHOLINGUISTICS, 2009, 4 : 118 - 136
[23] Web 2.0 applications in China
Zhai, Dongsheng
Liu, Chen
INTEGRATION AND INNOVATION ORIENT TO E-SOCIETY, VOL 2, 2007, 252 : 26 - +
[24] Web 2.0: Applications and Mechanisms
Granitzer, Michael
Lindstaedt, Stefanie N.
JOURNAL OF UNIVERSAL COMPUTER SCIENCE, 2011, 17 (04) : 513 - 514
[25] An Investigation of Leapfrogging and Web 2.0 Implementation
Scaglione, Miriam
Ismail, Ahmad Fareed
Trabichet, Jean-Philippe
Murphy, Jamie
INFORMATION AND COMMUNICATION TECHNOLOGIES IN TOURISM 2010, 2010, : 441 - 453
[26] A Split Protocol Technique for Web Server Migration
Rawal, B. S.
Karne, R. K.
Wijesinha, A. L.
Ramcharan, H.
Liang, S.
2012 IEEE 9TH INTERNATIONAL CONFERENCE ON MOBILE AD-HOC AND SENSOR SYSTEMS (MASS): WORKSHOPS, 2012,
[27] A TAXONOMY SCHEMA FOR WEB 2.0 AND MOBILE 2.0 APPLICATIONS
Cortimiglia, Marcelo
Renga, Filippo
Rangone, Andrea
ICE-B 2009: PROCEEDINGS OF THE INTERNATIONAL CONFERENCE ON E-BUSINESS, 2009, : 69 - 76
[28] Improving web server performance by distributing web applications
Kakaiya, M
Goel, S
Sharda, H
Taniar, D
INNOVATIVE INTERNET COMMUNITY SYSTEMS, 2003, 2877 : 156 - 167
[29] AllerCatPro 2.0: a web server for predicting protein allergenicity potential
Nguyen, Minh N.
Krutz, Nora L.
Limviphuvadh, Vachiranee
Lopata, Andreas L.
Gerberick, G. Frank
Maurer-Stroh, Sebastian
NUCLEIC ACIDS RESEARCH, 2022, 50 (W1) : W36 - W43
[30] An implementation of Embedded Web Server in farming sector
Sariga, A. ae
Jaiganesh, S.
Vengattaraman, T.
Sujatha, P.
PROCEEDINGS OF THE 2016 INTERNATIONAL CONFERENCE ON COMMUNICATION AND ELECTRONICS SYSTEMS (ICCES), 2016, : 808 - 813

← 1 2 3 4 5 →