Hosseyni et al., 2022 - Google Patents
Formal Security Analysis of the OpenID Financial-grade API 2.0Hosseyni et al., 2022
View PDF- Document ID
- 2787099490548874669
- Author
- Hosseyni P
- Küsters R
- Würtele T
- Publication year
- Publication venue
- url: https://openid. net/wordpress-content/uploads/2022/12/Formal-Security-Analysis-of-FAPI-2.0 _FINAL_2022-10. pdf (visited on 09/27/2023)(cit. on pp. 62, 83, 84, 86)
External Links
Snippet
With the emergence of FinTech companies, interfaces between banks and FinTechs became increasingly important. While early FinTechs were forced to use techniques like screen scraping to deliver their services, pressure from customers and lawmakers, eg, with …
- 238000013475 authorization 0 abstract description 233
Classifications
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/71—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information
- G06F21/74—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer to assure secure computing or processing of information operating in dual or compartmented mode, i.e. at least one secure mode
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/50—Monitoring users, programs or devices to maintain the integrity of platforms, e.g. of processors, firmware or operating systems
- G06F21/55—Detecting local intrusion or implementing counter-measures
- G06F21/554—Detecting local intrusion or implementing counter-measures involving event detection and direct action
-
- G—PHYSICS
- G06—COMPUTING; CALCULATING; COUNTING
- G06F—ELECTRICAL DIGITAL DATA PROCESSING
- G06F21/00—Security arrangements for protecting computers, components thereof, programs or data against unauthorised activity
- G06F21/70—Protecting specific internal or peripheral components, in which the protection of a component leads to protection of the entire computer
- G06F21/82—Protecting input, output or interconnection devices
- G06F21/83—Protecting input, output or interconnection devices input devices, e.g. keyboards, mice or controllers thereof
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| Fett et al. | An extensive formal security analysis of the openid financial-grade api | |
| Lodderstedt et al. | OAuth 2.0 threat model and security considerations | |
| US9397990B1 (en) | Methods and systems of generating and using authentication credentials for decentralized authorization in the cloud | |
| He et al. | A strong user authentication scheme with smart cards for wireless communications | |
| Kaur et al. | A secure two‐factor authentication framework in cloud computing | |
| Yang et al. | A security analysis of the OAuth protocol | |
| Singh et al. | OAuth 2.0: Architectural design augmentation for mitigation of common security vulnerabilities | |
| Zhang et al. | EL PASSO: Efficient and lightweight privacy-preserving single sign on | |
| Wu et al. | SGX-UAM: A secure unified access management scheme with one time passwords via Intel SGX | |
| Guo et al. | Uppresso: Untraceable and unlinkable privacy-preserving single sign-on services | |
| Heilman et al. | Openpubkey: Augmenting openid connect with user held signing keys | |
| Maidine et al. | Cloud identity management mechanisms and issues | |
| Paquin | U-prove technology overview v1. 1 | |
| Cesena et al. | Anonymous authentication with TLS and DAA | |
| Göçer et al. | An authorization framework with oauth for fintech servers | |
| Lodderstedt et al. | RFC 9700: Best Current Practice for OAuth 2.0 Security | |
| Hosseyni et al. | Formal Security Analysis of the OpenID Financial-grade API 2.0 | |
| Holtmann | Single sign-on security: security analysis of real-life openid connect implementations | |
| Axeland et al. | Security analysis of attack surfaces on the grant negotiation and authorization protocol | |
| Jesudoss et al. | Enhanced Kerberos authentication for distributed environment | |
| Aiemworawutikul et al. | Vulnerability Assessment in National Identity Services | |
| Damabi | Security analysis of the OpenID financial-grade API | |
| Chen et al. | SSL/TLS session-aware user authentication using a gaa bootstrapped key | |
| CN114996770B (en) | Identity recognition method based on sink management system | |
| Kohlar et al. | Secure bindings of SAML assertions to TLS sessions |