2,132 research outputs found
The Web SSO Standard OpenID Connect: In-Depth Formal Security Analysis and Security Guidelines
Web-based single sign-on (SSO) services such as Google Sign-In and Log In
with Paypal are based on the OpenID Connect protocol. This protocol enables
so-called relying parties to delegate user authentication to so-called identity
providers. OpenID Connect is one of the newest and most widely deployed single
sign-on protocols on the web. Despite its importance, it has not received much
attention from security researchers so far, and in particular, has not
undergone any rigorous security analysis.
In this paper, we carry out the first in-depth security analysis of OpenID
Connect. To this end, we use a comprehensive generic model of the web to
develop a detailed formal model of OpenID Connect. Based on this model, we then
precisely formalize and prove central security properties for OpenID Connect,
including authentication, authorization, and session integrity properties.
In our modeling of OpenID Connect, we employ security measures in order to
avoid attacks on OpenID Connect that have been discovered previously and new
attack variants that we document for the first time in this paper. Based on
these security measures, we propose security guidelines for implementors of
OpenID Connect. Our formal analysis demonstrates that these guidelines are in
fact effective and sufficient.Comment: An abridged version appears in CSF 2017. Parts of this work extend
the web model presented in arXiv:1411.7210, arXiv:1403.1866,
arXiv:1508.01719, and arXiv:1601.0122
Analyzing the BrowserID SSO System with Primary Identity Providers Using an Expressive Model of the Web
BrowserID is a complex, real-world Single Sign-On (SSO) System for web
applications recently developed by Mozilla. It employs new HTML5 features (such
as web messaging and web storage) and cryptographic assertions to provide
decentralized login, with the intent to respect users' privacy. It can operate
in a primary and a secondary identity provider mode. While in the primary mode
BrowserID runs with arbitrary identity providers (IdPs), in the secondary mode
there is one IdP only, namely Mozilla's default IdP.
We recently proposed an expressive general model for the web infrastructure
and, based on this web model, analyzed the security of the secondary IdP mode
of BrowserID. The analysis revealed several severe vulnerabilities.
In this paper, we complement our prior work by analyzing the even more
complex primary IdP mode of BrowserID. We do not only study authentication
properties as before, but also privacy properties. During our analysis we
discovered new and practical attacks that do not apply to the secondary mode:
an identity injection attack, which violates a central authentication property
of SSO systems, and attacks that break an important privacy promise of
BrowserID and which do not seem to be fixable without a major redesign of the
system. Some of our attacks on privacy make use of a browser side channel that
has not gained a lot of attention so far.
For the authentication bug, we propose a fix and formally prove in a slight
extension of our general web model that the fixed system satisfies all the
requirements we consider. This constitutes the most complex formal analysis of
a web application based on an expressive model of the web infrastructure so
far.
As another contribution, we identify and prove important security properties
of generic web features in the extended web model to facilitate future analysis
efforts of web standards and web applications.Comment: arXiv admin note: substantial text overlap with arXiv:1403.186
An Expressive Model for the Web Infrastructure: Definition and Application to the BrowserID SSO System
The web constitutes a complex infrastructure and as demonstrated by numerous
attacks, rigorous analysis of standards and web applications is indispensable.
Inspired by successful prior work, in particular the work by Akhawe et al. as
well as Bansal et al., in this work we propose a formal model for the web
infrastructure. While unlike prior works, which aim at automatic analysis, our
model so far is not directly amenable to automation, it is much more
comprehensive and accurate with respect to the standards and specifications. As
such, it can serve as a solid basis for the analysis of a broad range of
standards and applications.
As a case study and another important contribution of our work, we use our
model to carry out the first rigorous analysis of the BrowserID system (a.k.a.
Mozilla Persona), a recently developed complex real-world single sign-on system
that employs technologies such as AJAX, cross-document messaging, and HTML5 web
storage. Our analysis revealed a number of very critical flaws that could not
have been captured in prior models. We propose fixes for the flaws, formally
state relevant security properties, and prove that the fixed system in a
setting with a so-called secondary identity provider satisfies these security
properties in our model. The fixes for the most critical flaws have already
been adopted by Mozilla and our findings have been rewarded by the Mozilla
Security Bug Bounty Program.Comment: An abridged version appears in S&P 201
Use of a plant-based polysaccharide hemostat for the treatment of sternal bleeding after median sternotomy
Background: In cardiac surgery profuse or persistent sternal bleeding after sternotomy is routinely controlled with bone wax. However, bone wax should be avoided, especially in high-risk patients for nonunion of the sternum and infections. Purpose of this study was to evaluate an alternative technique to control bleeding after medium sternotomy using a plant based absorbable polysaccharide hemostat. Methods: A consecutive series of 38 patients requiring median sternotomy for coronary artery bypass surgery (21 OPCAB, 17 CABG) had sternal bleeding control with the polysaccharide hemostat, STARSIL (R) HEMOSTAT. This hemostat is a hydrophilic powder, which achieves hemostasis after topical application at the surgical wound site. Initially it dehydrates blood rapidly, thus accelerating aggregation of platelets and blood solids. Thereafter, it forms a gelled adhesive matrix, which serves as a mechanical barrier against further bleeding. The polysaccharide is completely resorbed within 48 to 72 hours. Results: Satisfactory control of sternal bleeding was observed in 37 patients (97%). No product-related complications were observed or any other major adverse events in an observation period of 3 months. Conclusion: Polysaccharide hemostats appear to be safe and effective for bleeding control of the sternum
Use of a plant-based polysaccharide hemostat for the treatment of sternal bleeding after median sternotomy
Background: In cardiac surgery profuse or persistent sternal bleeding after sternotomy is routinely controlled with bone wax. However, bone wax should be avoided, especially in high-risk patients for nonunion of the sternum and infections. Purpose of this study was to evaluate an alternative technique to control bleeding after medium sternotomy using a plant based absorbable polysaccharide hemostat. Methods: A consecutive series of 38 patients requiring median sternotomy for coronary artery bypass surgery (21 OPCAB, 17 CABG) had sternal bleeding control with the polysaccharide hemostat, STARSIL (R) HEMOSTAT. This hemostat is a hydrophilic powder, which achieves hemostasis after topical application at the surgical wound site. Initially it dehydrates blood rapidly, thus accelerating aggregation of platelets and blood solids. Thereafter, it forms a gelled adhesive matrix, which serves as a mechanical barrier against further bleeding. The polysaccharide is completely resorbed within 48 to 72 hours. Results: Satisfactory control of sternal bleeding was observed in 37 patients (97%). No product-related complications were observed or any other major adverse events in an observation period of 3 months. Conclusion: Polysaccharide hemostats appear to be safe and effective for bleeding control of the sternum
Advanced Transport Protocols for Wireless and Mobile Ad Hoc Networks
This thesis comprises transport protocols in the following different areas of research: Fast Handover allows mobile IP end-devices to roam between wireless access routers without interruptions while communicating to devices in an infrastructure (e.g., in the Internet). This work optimizes the Fast Handover algorithm and evaluates the performance of the transport protocols UDP and TCP during fast handovers via measurements. The following part of the thesis focuses on vehicular ad hoc networks. The thesis designs and evaluates through simulations a point-to-point transport protocol for vehicular ad hoc networks and an algorithm to facilitate the reliable and efficient distribution of information in a geographically scoped target area. Finally, the thesis evaluates the impact of wireless radio fluctuations on the performance of an Ad Hoc Network. Measurements quantify the wireless radio fluctuations. Based on these results, the thesis develops a simple but realistic radio model that evaluates by means of simulations the impact on the performance of an ad hoc network. As a result, the work provides guidelines for future ad hoc protocol design
Interdisciplinary three-step strategy to treat aortic stenosis and coronary artery disease in a patient with end-stage chronic obstructive pulmonary disease
Background: Valvular aortic stenosis is a common disease in the elderly, often in multimorbid patients. It is often associated with coronary artery disease and peripheral artery disease. In this situation, the risk of conventional open-heart surgery is too high, and other treatment strategies have to be evaluated.
Case report: A 79-year-old female patient with severe aortic stenosis, coronary artery disease and end-stage chronic obstructive pulmonary disease suffering from dyspnea at rest and permanently dependent on oxygen was treated in three steps. Firstly, her pulmonary infection was treated with antibiotics for 7 days. Then, the left anterior descending artery was stented (bare-metal stent). In the same session, valvuloplasty of the aortic valve was performed. She was sent to rehabilitation to improve her pulmonary condition and took clopidogrel for 4 weeks. Finally, she underwent transapical aortic valve replacement. She was released to rehabilitation on postoperative day 12.
Conclusion: A combination of modern interventional and minimally invasive surgical techniques to treat aortic stenosis and coronary heart disease can be a viable option for multimorbid patients with extremely high risk in conventional open-heart surgery
Solutions for IPv6-based mobility in the EU project MobyDick
Proceedings of the WTC 2002, 18th World Telecommunications Congress, Paris, France, 22 -27 September, 2002.Mobile Internet technology is moving towards a packet-based or, more precisely, IPv6-based network. Current solutions on Mobile IPv6 and other related QoS and AAA matters do not offer the security and quality users have come to take for granted. The EU IST project Moby Dick has taken on the challenge of providing a solution that integrates QoS, mobility and AAA in a heterogeneous access environment. This paper focuses on the mobility part of the project, describes and justifies the handover approach taken, shows how QoS-aware and secure handover is achieved, and introduces the project's paging concept. It shows that a transition to a fully integrated IP-RAN and IP-Backbone has become a distinct option for the future.Publicad
- …