1,877 research outputs found
Be a New Source
Introduction to the Summer 2020 issue of XRDS, "View Source / be a new source
Do not trust me: Using malicious IdPs for analyzing and attacking Single Sign-On
Single Sign-On (SSO) systems simplify login procedures by using an
Identity Provider (IdP) to issue authentication tokens which can be consumed by
Service Providers (SPs). Traditionally, IdPs are modeled as trusted third
parties. This is reasonable for SSO systems like Kerberos, MS Passport and
SAML, where each SP explicitly specifies which IdP he trusts. However, in open
systems like OpenID and OpenID Connect, each user may set up his own IdP, and a
discovery phase is added to the protocol flow. Thus it is easy for an attacker
to set up its own IdP. In this paper we use a novel approach for analyzing SSO
authentication schemes by introducing a malicious IdP. With this approach we
evaluate one of the most popular and widely deployed SSO protocols - OpenID. We
found four novel attack classes on OpenID, which were not covered by previous
research, and show their applicability to real-life implementations. As a
result, we were able to compromise 11 out of 16 existing OpenID implementations
like Sourceforge, Drupal and ownCloud. We automated discovery of these attacks
in an open source tool OpenID Attacker, which additionally allows fine-granular
testing of all parameters in OpenID implementations. Our research helps to
better understand the message flow in the OpenID protocol, trust assumptions in
the different components of the system, and implementation issues in OpenID
components. It is applicable to other SSO systems like OpenID Connect and SAML.
All OpenID implementations have been informed about their vulnerabilities and
we supported them in fixing the issues
Recommended from our members
Geovisualization of household energy consumption characteristics
A vast amount of quantitative data is available within the energy sector, however, there is limited understanding of the relationships between neighbourhoods, demographic characteristics and domestic energy consumption habits. We report upon research that will combine datasets relating to energy consumption, saving and loss with geodemographics to enable better understanding of energy user types. A novel interactive interface is planned to evaluate the performance of these energy-based classifications. The research aims to help local governments and the energy industry in targeting households and populations for new energy saving schemes and in improving efforts to promote sustainable energy consumption. Energy based neighbourhood classifications will also promote consumption awareness amongst domestic users. This poster describes the research methodology, data sources and visualization requirements
Chemically specific multiscale modeling of clay-polymer nanocomposites reveals intercalation dynamics, tactoid self-assembly and emergent materials properties
A quantitative description is presented of the dynamical process of polymer intercalation into clay tactoids and the ensuing aggregation of polymer-entangled tactoids into larger structures, obtaining various characteristics of these nanocomposites, including clay-layer spacings, out-of-plane clay-sheet bending energies, X-ray diffractograms, and materials properties. This model of clay-polymer interactions is based on a three-level approach, which uses quantum mechanical and atomistic descriptions to derive a coarse-grained yet chemically specific representation that can resolve processes on hitherto inaccessible length and time scales. The approach is applied to study collections of clay mineral tactoids interacting with two synthetic polymers, poly(ethylene glycol) and poly(vinyl alcohol). The controlled behavior of layered materials in a polymer matrix is centrally important for many engineering and manufacturing applications. This approach opens up a route to computing the properties of complex soft materials based on knowledge of their chemical composition, molecular structure, and processing conditions. This work was funded in part by the EU FP7 MAPPER project (grant number RI-261507) and the Qatar National Research Fund (grant number 09–260–1–048). Supercomputing time was provided by PRACE on JUGENE (project PRA044), the Hartree Centre (Daresbury Laboratory) on BlueJoule and BlueWonder via the CGCLAY project, and on HECToR and ARCHER, the UK national supercomputing facility at the University of Edinburgh, via EPSRC through grants EP/F00521/1, EP/E045111/1, EP/I017763/1 and the UK Consortium on Mesoscopic Engineering Sciences (EP/L00030X/1). The authors are grateful to Professor Julian Evans for stimulating discussions during the course of this project. Data-storage and management services were provided by EUDAT (grant number 283304)
An XRI naming system for dynamic and federated clouds: a performance analysis
Abstract
Cloud platforms are dynamic, self-optimizing, continuously changing environments where resources can be composed with other ones in order to provide many types of services to their users, e.g., companies, governments, organizations, and desktop/mobile clients. In order to enable cloud platforms to manage and control their assets, they need to name, identify, and resolve their virtual resources in different operating contexts. In such a scenario, naming, resource location, and information retrieval raise several issues regarding name space management. This paper aims to propose a standard practice for the implementation of a cloud naming system based on the eXtensible Resource Identifier (XRI) technology. More specifically, by means of the development of a Cloud Name Space Management (CNSM) front-end interacting with the OpenXRI architecture, we investigate its performance simulating typical cloud name space management tasks
Synthesis and thermoelectric characterization of Bi2Te3 nanoparticles
We report a novel synthesis for near monodisperse, sub-10-nm Bi2Te3
nanoparticles. At first, a new reduction route to bismuth nanoparticles is
described which are applied as starting materials in the formation of
rhombohedral Bi2Te3 nanoparticles. After ligand removal by a novel hydrazine
hydrate etching procedure, the nanoparticle powder is spark plasma sintered to
a pellet with preserved crystal grain sizes. Unlike previous works on the
properties of Bi2Te3 nanoparticles, the full thermoelectric characterization of
such sintered pellets shows a highly reduced thermal conductivity and the same
electric conductivity as bulk n-type Bi2Te3. Comment: 8 pages, 8 figures, 1 tabl