David P. Kormann and Aviel D. Rubin. Risks of the Passport single signon protocol. In Proc. 9th international World Wide Web conference on computer networks, pages 51--58. North-Holland Publishing Co., 2000. Home/Search Document Not in Database Summary Related Articles Check |
This paper is cited in the following contexts:
Why Information Security is Hard - An Economic Perspective - Anderson (2001) (18 citations) (Correct)
....middleperson attacks; and that you can be impersonated by someone who steals your cookie file. Passport has a logout facility that s supposed to delete the cookies for a particular merchant, so you can use a shared PC with less risk, but this feature doesn t work properly for Netscape users [8]. 5 The constant struggles to entrench or undermine monopolies and to segment and control markets determine many of the environmental conditions that make the security engineer s work harder. So much for commercial information security. But what about the government sector As information ....
DP Kormann, AD Rubin, "Risks of the Passport Single Signon Protocol", in Computer Networks (July 2000); at http://avirubin.com/vita.html
Off-line generation of limited-use credit card numbers.. - Rubin, Wright (2002) (1 citation) (Correct)
....authentication, most consumers do not have the necessary public key certificates for it and virtually all consumer oriented Web merchants only implement server authentication. Unfortunately, despite the use of SSL, there is no guarantee that the user is not being fooled by a malicious merchant [KR00] or, at least in earlier versions of SSL, that an outside attacker might not be able to break the encryption [Ble98] There are several ways SSL can break down even if the encryption mechanism is not broken. Most users do not actually verify the certificate on a secure site. That is, most users ....
D. Kormann and A. Rubin. Risks of the Passport single signon protocol. In Proceedings of 9th International World Wide Web Conference, May 2000. 10
Off-line generation of limited-use credit card numbers.. - Rubin, al. (2001) (1 citation) (Correct)
....authentication, most consumers do not have the necessary public key certificates for it and virtually all consumer oriented Web merchants only implement server authentication. Unfortunately, despite the use of SSL, there is no guarantee that the user is not being fooled by a malicious merchant [KR00] or, at least in earlier versions of SSL, that an outside attacker might not be able to break the encryption [Ble98] There are several ways SSL can break down even if the encryption mechanism is not broken. Most users do not actually verify the certificate on a secure site. That is, most users ....
D. Kormann and A. Rubin. Risks of the Passport single signon protocol. In Proceedings of 9th International World Wide Web Conference, May 2000.
Privacy-Preserving Global Customization - Arlein, Jai, Jakobsson, Morose.. (2000) (2 citations) (Correct)
....issues credentials. This is not surprising given that both systems are designed for unmodified client browsers, albeit for somewhat different tasks. The limitations of HTTP and surrounding infrastructure result in limitations of our protocol similar to some recently pointed out for Passport [8]. Where possible, we have taken steps as suggested in [8] in our implementation to address these limitations. 5. PERSONAE MANAGEMENT As already discussed, personae are the basic tool by which users partition their behaviors into profiles. The main challenge to implementing personae is to enable ....
....both systems are designed for unmodified client browsers, albeit for somewhat different tasks. The limitations of HTTP and surrounding infrastructure result in limitations of our protocol similar to some recently pointed out for Passport [8] Where possible, we have taken steps as suggested in [8] in our implementation to address these limitations. 5. PERSONAE MANAGEMENT As already discussed, personae are the basic tool by which users partition their behaviors into profiles. The main challenge to implementing personae is to enable the user to easily configure her personae with the ....
D. P. Kormann and A. D. Rubin. Risks of the Passport single signon protocol. In Proceedings of the 9th International World Wide Web Conference, May 2000.
A Convenient Method for Securely Managing Passwords - Alex Halderman Jhalderm (2005) (Correct)
No context found.
David P. Kormann and Aviel D. Rubin. Risks of the Passport single signon protocol. In Proc. 9th international World Wide Web conference on computer networks, pages 51--58. North-Holland Publishing Co., 2000.
A Convenient Method for Securely Managing Passwords - Halderman, Waters, Felten (2005) (Correct)
No context found.
David P. Kormann and Aviel D. Rubin. Risks of the Passport single signon protocol. In Proc. 9th international World Wide Web conference on computer networks, pages 51--58. North-Holland Publishing Co., 2000.
A Convenient Method for Securely Managing Passwords - Halderman, Waters, Felten (2005) (Correct)
No context found.
David P. Kormann and Aviel D. Rubin. Risks of the Passport single signon protocol. In Proc. 9th international World Wide Web conference on computer networks, pages 51--58. North-Holland Publishing Co., 2000.
Why Information Security is Hard - An Economic Perspective - Anderson (2001) (18 citations) (Correct)
No context found.
DP Kormann, AD Rubin, "Risks of the Passport Single Signon Protocol", in Computer Networks (July 2000); at http://avirubin. com/vita.html
Security Analysis of the SAML Single Sign-On Browser/Artifact.. - Groß (2003) (Correct)
No context found.
D. P. Kormann and A. D. Rubin. Risks of the passport single signon protocol. Computer Networks, 33:51--58, 2000.
Online articles have much greater impact More about CiteSeer.IST Add search form to your site Submit documents Feedback
CiteSeer.IST - Copyright Penn State and NEC