Web Authentication using Third-Parties in Untrusted Environments

Download or Read eBook Web Authentication using Third-Parties in Untrusted Environments PDF written by Anna Vapen and published by Linköping University Electronic Press. This book was released on 2016-08-22 with total page 91 pages. Available in PDF, EPUB and Kindle.
Web Authentication using Third-Parties in Untrusted Environments
Author :
Publisher : Linköping University Electronic Press
Total Pages : 91
Release :
ISBN-10 : 9789176857533
ISBN-13 : 9176857530
Rating : 4/5 (33 Downloads)

Book Synopsis Web Authentication using Third-Parties in Untrusted Environments by : Anna Vapen

Book excerpt: With the increasing personalization of the Web, many websites allow users to create their own personal accounts. This has resulted in Web users often having many accounts on different websites, to which they need to authenticate in order to gain access. Unfortunately, there are several security problems connected to the use and re-use of passwords, the most prevalent authentication method currently in use, including eavesdropping and replay attacks. Several alternative methods have been proposed to address these shortcomings, including the use of hardware authentication devices. However, these more secure authentication methods are often not adapted for mobile Web users who use different devices in different places and in untrusted environments, such as public Wi-Fi networks, to access their accounts. We have designed a method for comparing, evaluating and designing authentication solutions suitable for mobile users and untrusted environments. Our method leverages the fact that mobile users often bring their own cell phones, and also takes into account different levels of security adapted for different services on the Web. Another important trend in the authentication landscape is that an increasing number of websites use third-party authentication. This is a solution where users have an account on a single system, the identity provider, and this one account can then be used with multiple other websites. In addition to requiring fewer passwords, these services can also in some cases implement authentication with higher security than passwords can provide. How websites select their third-party identity providers has privacy and security implications for end users. To better understand the security and privacy risks with these services, we present a data collection methodology that we have used to identify and capture third-party authentication usage on the Web. We have also characterized the third-party authentication landscape based on our collected data, outlining which types of third-parties are used by which types of sites, and how usage differs across the world. Using a combination of large-scale crawling, longitudinal manual testing, and in-depth login tests, our characterization and analysis has also allowed us to discover interesting structural properties of the landscape, differences in the cross-site relationships, and how the use of third-party authentication is changing over time. Finally, we have also outlined what information is shared between websites in third-party authentication, dened risk classes based on shared data, and proled privacy leakage risks associated with websites and their identity providers sharing data with each other. Our ndings show how websites can strengthen the privacy of their users based on how these websites select and combine their third-parties and the data they allow to be shared.


Web Authentication using Third-Parties in Untrusted Environments Related Books

Web Authentication using Third-Parties in Untrusted Environments
Language: en
Pages: 91
Authors: Anna Vapen
Categories:
Type: BOOK - Published: 2016-08-22 - Publisher: Linköping University Electronic Press

DOWNLOAD EBOOK

With the increasing personalization of the Web, many websites allow users to create their own personal accounts. This has resulted in Web users often having man
Studying Simulations with Distributed Cognition
Language: en
Pages: 115
Authors: Jonas Rybing
Categories:
Type: BOOK - Published: 2018-03-20 - Publisher: Linköping University Electronic Press

DOWNLOAD EBOOK

Simulations are frequently used techniques for training, performance assessment, and prediction of future outcomes. In this thesis, the term “human-centered s
Distributed Moving Base Driving Simulators
Language: en
Pages: 60
Authors: Anders Andersson
Categories:
Type: BOOK - Published: 2019-04-30 - Publisher: Linköping University Electronic Press

DOWNLOAD EBOOK

Development of new functionality and smart systems for different types of vehicles is accelerating with the advent of new emerging technologies such as connecte
Emergency Vehicle Approaching
Language: en
Pages: 115
Authors: Kajsa Weibull
Categories:
Type: BOOK - Published: 2024-10-17 - Publisher: Linköping University Electronic Press

DOWNLOAD EBOOK

Driving an emergency vehicle can be difficult. The driver of the emergency vehicle must navigate, communicate with emergency services, often drive at high speed
Scalable and Efficient Probabilistic Topic Model Inference for Textual Data
Language: en
Pages: 75
Authors: Måns Magnusson
Categories:
Type: BOOK - Published: 2018-04-27 - Publisher: Linköping University Electronic Press

DOWNLOAD EBOOK

Probabilistic topic models have proven to be an extremely versatile class of mixed-membership models for discovering the thematic structure of text collections.