Threat Modelling in User Performed Authentication
Authors: Xun Dong, John A. Clark, Jeremy L. Jacob

Date: October 2008
Publication: Proceedings of the 10th International Conference on Information and Communications Security (ICICS '08)
Page(s): 49 - 64
Publisher: Springer-Verlag
Source 1: https://www-users.cs.york.ac.uk/%7Ejac/PublishedPapers/ThreatModellingUserAuthenticationICICS2008.pdf
Source 2: https://doi.org/10.1007/978-3-540-88625-9_4 - Subscription or payment required

Abstract or Summary:
User authentication can be compromised both by subverting the system and by subverting the user; the threat modelling of the former is well studied, the latter less so. We propose a method to determine opportunities to subvert the user allowing vulnerabilities to be systematically identified. The method is applied to VeriSign’s OpenID authentication mechanism.



Do you have additional information to contribute regarding this research paper? If so, please email siteupdates@passwordresearch.com with the details.

<-- Back to Authentication Research Paper Index





[Home] [About Us] [News] [Research]

Copyright © 2019 PasswordResearch.com