Побудова та дослідження моделі безпечного способу авторизації на основі протоколу OAuth 2.0 для веб-застосунків, що використовують API

Представлена дипломна робота складається з трьох розділів, загальний обсяг роботи – 84 сторінки. Містить 13 літературних посилань, 11 ілюстрацій, 2 таблиці. Основною метою роботи є підвищення захищеності способу авторизації веб застосунків, які використовують протоколи авторизації. Для досягнення мети потрібно провести дослідження та аналіз теперішніх протоколів авторизації, обрати найбільш безпечний для реалізації, виявити та дослідити існуючи атаки на обраний протокол авторизації – OAuth 2.0, та базуючись на складеному переліку атак побудувати модель безпечного способу авторизації на основі даного протоколу. Об’єкт дослідження даної роботи – протоколи авторизації для веб-застосунків, що використовують API. Предметом дослідження виступають атаки на протокол авторизації OAuth 2.0 та можливі методи захисту від них. Під час написання роботи були проведені аналіз, дослідження та узагальнення технічної та наукової літератури, запропоновано реалізацію моделі безпечного способу авторизації на основі протоколу OAuth 2.0 для веб-застосунків. Значення даної роботи зумовлено використанням розробниками запропонованої моделі для реалізації безпечного способу авторизації кінцевих користувачів, та побудови безпечних веб застосунків, що використовують протокол авторизації OAuth 2.0.The presented thesis consists of three sections, the total volume of work is 84 pages. Contains 13 literary references, 11 illustrations, 2 tables. The main purpose of the work is to increase security of the authorization method for web-applications that use authorization protocols. In order to achieve the goal, it is necessary to conduct research and analysis of existing authorization protocols, to select safest to implement, to detect and investigate existing attacks on the selected authorization protocol - OAuth 2.0, and based on a composite list of attacks to build a safe model of authorization based on this protocol. The object of this study is authorization protocols for web applications that use the API. The subject of the study is attacks on the authorization protocol OAuth 2.0 and possible methods of their mitigation. During writing of this work, analysis, research and generalization of technical and scientific literature were conducted, the implementation of the safe authorization method model based on OAuth 2.0 for web applications was proposed. The value of this work is due to the use of the proposed model by software developers to implement a secure end-user authorization method and the construction of secure web-applications that use the OAuth 2.0 authorization protocol

Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations

Many millions of users routinely use their Google, Facebook and Microsoft accounts to log in to websites supporting OAuth 2.0-based single sign on. The security of OAuth 2.0 is therefore of critical importance, and it has been widely examined both in theory and in practice. In this paper we disclose a new class of practical attacks on OAuth 2.0 implementations, which we call Partial Redirection URI Manipulation Attacks. An attack of this type can be used by an attacker to gain a victim user’s OAuth 2.0 code (a token representing a right to access user data) without the user’s knowledge; this code can then be used to impersonate the user to the relevant relying party website. We examined 27 leading OAuth 2.0 identity providers, and found that 19 of them are vulnerable to these attacks

Analysing the Security of Google's implementation of OpenID Connect

Many millions of users routinely use their Google accounts to log in to relying party (RP) websites supporting the Google OpenID Connect service. OpenID Connect, a newly standardised single-sign-on protocol, builds an identity layer on top of the OAuth 2.0 protocol, which has itself been widely adopted to support identity management services. It adds identity management functionality to the OAuth 2.0 system and allows an RP to obtain assurances regarding the authenticity of an end user. A number of authors have analysed the security of the OAuth 2.0 protocol, but whether OpenID Connect is secure in practice remains an open question. We report on a large-scale practical study of Google's implementation of OpenID Connect, involving forensic examination of 103 RP websites which support its use for sign-in. Our study reveals serious vulnerabilities of a number of types, all of which allow an attacker to log in to an RP website as a victim user. Further examination suggests that these vulnerabilities are caused by a combination of Google's design of its OpenID Connect service and RP developers making design decisions which sacrifice security for simplicity of implementation. We also give practical recommendations for both RPs and OPs to help improve the security of real world OpenID Connect systems

The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines

Web-based single sign-on (SSO) services such as Google Sign-In and Log In with Paypal are based on the OpenID Connect protocol. This protocol enables so-called relying parties to delegate user authentication to so-called identity providers. OpenID Connect is one of the newest and most widely deployed single sign-on protocols on the web. Despite its importance, it has not received much attention from security researchers so far, and in particular, has not undergone any rigorous security analysis. In this paper, we carry out the first in-depth security analysis of OpenID Connect. To this end, we use a comprehensive generic model of the web to develop a detailed formal model of OpenID Connect. Based on this model, we then precisely formalize and prove central security properties for OpenID Connect, including authentication, authorization, and session integrity properties. In our modeling of OpenID Connect, we employ security measures in order to avoid attacks on OpenID Connect that have been discovered previously and new attack variants that we document for the first time in this paper. Based on these security measures, we propose security guidelines for implementors of OpenID Connect. Our formal analysis demonstrates that these guidelines are in fact effective and sufficient.Comment: An abridged version appears in CSF 2017. Parts of this work extend the web model presented in arXiv:1411.7210, arXiv:1403.1866, arXiv:1508.01719, and arXiv:1601.0122