25,628 research outputs found
Recommended from our members
Your Code Is My Code: Exploiting a Common Weakness in OAuth 2.0 Implementations
Many millions of users routinely use their Google, Facebook and Microsoft accounts to log in to websites supporting OAuth 2.0-based single sign on. The security of OAuth 2.0 is therefore of critical importance, and it has been widely examined both in theory and in practice. In this paper we disclose a new class of practical attacks on OAuth 2.0 implementations, which we call Partial Redirection URI Manipulation Attacks. An attack of this type can be used by an attacker to gain a victim user’s OAuth 2.0 code (a token representing a right to access user data) without the user’s knowledge; this code can then be used to impersonate the user to the relevant relying party website. We examined 27 leading OAuth 2.0 identity providers, and found that 19 of them are vulnerable to these attacks
Time-resolved resonance Raman spectroscopy and density functional theory investigation of the CH2I-I isomer and CH2I2⋯I molecular complex products produced from ultraviolet photolysis of CH2I2 in the solution phase
The CH2I-I isomer and CH2I2···I molecular complex products produced from ultraviolet photolysis of CH2I2 in the solution phase was analyzed by using time-resolved resonance Raman spectroscopy. The structure and properties of the CH2I-I species and the CH2I2···I molecular complex and their reaction towards ethylene were compared. The results showed that the CH2I-I isomer reacts with ethylene to produce a cyclopropane product and I2 leaving group via a single step and low barrier to reaction.published_or_final_versio
Analysing the Security of Google's implementation of OpenID Connect
Many millions of users routinely use their Google accounts to log in to
relying party (RP) websites supporting the Google OpenID Connect service.
OpenID Connect, a newly standardised single-sign-on protocol, builds an
identity layer on top of the OAuth 2.0 protocol, which has itself been widely
adopted to support identity management services. It adds identity management
functionality to the OAuth 2.0 system and allows an RP to obtain assurances
regarding the authenticity of an end user. A number of authors have analysed
the security of the OAuth 2.0 protocol, but whether OpenID Connect is secure in
practice remains an open question. We report on a large-scale practical study
of Google's implementation of OpenID Connect, involving forensic examination of
103 RP websites which support its use for sign-in. Our study reveals serious
vulnerabilities of a number of types, all of which allow an attacker to log in
to an RP website as a victim user. Further examination suggests that these
vulnerabilities are caused by a combination of Google's design of its OpenID
Connect service and RP developers making design decisions which sacrifice
security for simplicity of implementation. We also give practical
recommendations for both RPs and OPs to help improve the security of real world
OpenID Connect systems
Substituent Effects on the Photodeprotection Reactions of Selected Ketoprofen Derivatives in Phosphate Buffered Aqueous Solutions
published_or_final_versio
Water assisted and acid catalyzed decarboxylation reactions of ketoprofen in aqueous solutions
Parallel Sessions: Photophysics and Chemical Dynamics (FOD) - Poster Number: 08:50 - 9:10 ampostprintThe 22nd International Conference on Raman Spectroscopy (ICORS 2010), Boston, MA., 8-13 August 2010
Water concentration dependent photochemistry of ketoprofen in neutral aqueous solutions
Monday Poster Session: Time Resolved Raman (MP09) - Poster Number: 156The rate constants and reaction mechanism of ketoprofen were observed to be greatly dependent on the concentration of the solvent in neutral aqueous solutions with varying water concentrations. In neat acetonitrile and solvents with low concentrations of water, ketoprofen displays benzophenone-like photochemistry. However, in solvents with very high concentrations of water, the triplet state ketoprofen is first seen and then experiences a very fast decarboxylation process to produce a triplet protonated biradical carbanion species. For solvents with moderate higher water concentrations, the hydrogen abstraction and decarboxylation processes are two competitive pathways with different rate constants.postprintThe 22nd International Conference on Raman Spectroscopy (ICORS 2010), Boston, MA., 8-13 August 2010
Direct observation of an isopolyhalomethane O-H insertion reaction with water: Picosecond time-resolved resonance Raman (ps-TR 3) study of the isobromoform reaction with water to produce a CHBr 2OH product
The spectroscopic observation of an isopolyhalomethane O-H insertion reaction with water was obtained using picosecond time-resolved resonance Raman spectroscopy. It was observed that photolysis of low concentrations of bromoform in aqueous solution resulted in noticeable formation of HBr strong acid. It was shown by ab initio calculations that isobromoform can react with water to produce a CHBr 2(OH) O-H insertion reaction product and a HBr leaving group. The implications of the results for the phase dependent behavior of polyhalomethane photochemistry in the gas phase versus water solvated environments were discussed.published_or_final_versio
SEARCHING FOR DEBRIS DISKS AROUND SEVEN RADIO PULSARS
We report on our searches for debris disks around seven relatively nearby radio pulsars, which are isolated sources that were carefully selected as targets on the basis of our deep Ks-band imaging survey. The Ks images obtained with the 6.5m Baade Magellan Telescope at Las Campanas Observatory are analyzed together with the Spitzer/IRAC images at 4.5 and 8.0μm and the WISE images at 3.4, 4.6, 12, and 22μm. No infrared counterparts of these pulsars are found, with flux upper limits of ∼μJy at near-infrared (λ < 10μm) and ∼10–1000μJy at mid-infrared
wavelengths (λ > 10 μm). The results of this search are discussed in terms of the efficiency of converting the pulsar spin-down energy to thermal energy and X-ray heating of debris disks, with a comparison made of the two magnetars 4U 0142+61 and 1E 2259+586, which are suggested to harbor a debris disk.published_or_final_versio
Transient resonance Raman spectroscopy and density functional theory investigation of iso-CHBr 2Cl and iso-CCl 3Br photoproducts produced following ultraviolet excitation of CHBr 2Cl and CCl 3Br
Two polyhalomethanes that contain bromine and chlorine atoms (CHBr 2Cl and CCl 2Br) were studied. Transient resonance Raman spectra were obtained for the photoproducts produced after ultraviolet excitation of CHBr 2Cl and CCl 3Br in room temperature solutions and density functional theory calculations for species proposed to be products of the photodissociation reactions in the solution phase. It was found that the iso-CHBrCl-Br and iso-CHClBr-Br species are formed following ultraviolet excitation of CHBr 2Cl and the iso-CCl 2Cl-Br species formed following ultraviolet excitation of CCl 3Br in the solution phase.published_or_final_versio
- …