all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Towards automated formal security analysis of SAML V2.0 Web Browser SSO standard - the POST/Artifact use case

Add to bookmarks
March 19, 2024, 4:11 a.m. | Zvonimir Hartl, Ante {\DJ}erek

cs.CR updates on arXiv.org arxiv.org

arXiv:2403.11859v1 Announce Type: new
Abstract: Single Sign-On (SSO) protocols streamline user authentication with a unified login for multiple online services, improving usability and security. One of the most common SSO protocol frameworks - the Security Assertion Markup Language V2.0 (SAML) Web SSO Profile - has been in use for more than two decades, primarily in government, education and enterprise environments. Despite its mission-critical nature, only certain deployments and configurations of the Web SSO Profile have been formally analyzed. This paper …

analysis artifact arxiv authentication automated browser case cs.cr frameworks language login markup online services profile protocol protocols saml security security analysis security assertion markup language services sign single single sign-on sso standard usability use case web web browser

Visit resource

More from arxiv.org / cs.CR updates on arXiv.org

PrivLM-Bench: A Multi-level Privacy Evaluation Benchmark for Language Models 2 days, 3 hours ago | arxiv.org
accessibility art arxiv attention +15
Provably Robust Cost-Sensitive Learning via Randomized Smoothing 2 days, 3 hours ago | arxiv.org
arxiv cost cs.cr cs.lg +1
WW-FL: Secure and Private Large-Scale Federated Learning 2 days, 3 hours ago | arxiv.org
arxiv attacks client cs.cr +28
Formalizing and Benchmarking Prompt Injection Attacks and Defenses 2 days, 3 hours ago | arxiv.org
arxiv attacks benchmarking cs.ai +9
SecureFalcon: Are We There Yet in Automated Software Vulnerability Detection with LLMs? 2 days, 3 hours ago | arxiv.org
adoption analysis applications arxiv +30
An Efficient and Multi-private Key Secure Aggregation for Federated Learning 2 days, 3 hours ago | arxiv.org
aggregation arxiv client cs.ai +21
How (not) to Build Quantum PKE in Minicrypt 2 days, 3 hours ago | arxiv.org
arxiv box build can +12
Computing Low-Entropy Couplings for Large-Support Distributions 2 days, 3 hours ago | arxiv.org
arxiv computing cs.cr cs.it +6
Unveiling and Mitigating Backdoor Vulnerabilities based on Unlearning Weight Changes and Backdoor Activeness 2 days, 3 hours ago | arxiv.org
arxiv attacks backdoor backdoor attacks +14

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Corporate Intern - Information Security (Year Round)

@ Associated Bank | US WI Remote
View on infosec-jobs.com

Senior Offensive Security Engineer

@ CoStar Group | US-DC Washington, DC
View on infosec-jobs.com