{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2024,9,10]],"date-time":"2024-09-10T19:14:30Z","timestamp":1725995670008},"publisher-location":"Cham","reference-count":15,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783030024499"},{"type":"electronic","value":"9783030024505"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"tdm","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-030-02450-5_31","type":"book-chapter","created":{"date-parts":[[2018,10,10]],"date-time":"2018-10-10T12:54:57Z","timestamp":1539176097000},"page":"441-445","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":1,"title":["Analyzing Security and Privacy in Design and Implementation of Web Authentication Protocols"],"prefix":"10.1007","author":[{"given":"Kailong","family":"Wang","sequence":"first","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,10,11]]},"reference":[{"key":"31_CR1","unstructured":"Bai, G., et al.: AuthScan: automatic extraction of web authentication protocols from implementations. In: NDSS (2013)"},{"key":"31_CR2","doi-asserted-by":"crossref","unstructured":"Bai, G., Hao, J., Wu, J., Liu, Y., Liang, Z., Martin, A.: Trustfound: towards a formal foundation for model checking trusted computing platforms. In: FM, pp. 110\u2013126 (2014)","DOI":"10.1007\/978-3-319-06410-9_8"},{"key":"31_CR3","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"126","DOI":"10.1007\/978-3-642-36830-1_7","volume-title":"Principles of Security and Trust","author":"C Bansal","year":"2013","unstructured":"Bansal, C., Bhargavan, K., Delignat-Lavaud, A., Maffeis, S.: Keys to the cloud: formal analysis and concrete attacks on encrypted web storage. In: Basin, D., Mitchell, J.C. (eds.) POST 2013. LNCS, vol. 7796, pp. 126\u2013146. Springer, Heidelberg (2013). https:\/\/doi.org\/10.1007\/978-3-642-36830-1_7"},{"key":"31_CR4","doi-asserted-by":"crossref","unstructured":"Bansal, C., Bhargavan, K., Maffeis, S.: Discovering concrete attacks on website authorization by formal analysis. In: CSF, pp. 247\u2013262 (2012)","DOI":"10.1109\/CSF.2012.27"},{"key":"31_CR5","doi-asserted-by":"crossref","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: An expressive model for the web infrastructure: definition and application to the BrowserID SSO system. In: IEEE S&P (2014)","DOI":"10.1109\/SP.2014.49"},{"key":"31_CR6","series-title":"Lecture Notes in Computer Science","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/978-3-319-24174-6_3","volume-title":"Computer Security \u2013 ESORICS 2015","author":"D Fett","year":"2015","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: Analyzing the BrowserID SSO system with primary identity providers using an expressive model of the web. In: Pernul, G., Ryan, P.Y.A., Weippl, E. (eds.) ESORICS 2015. LNCS, vol. 9326, pp. 43\u201365. Springer, Cham (2015). https:\/\/doi.org\/10.1007\/978-3-319-24174-6_3"},{"key":"31_CR7","doi-asserted-by":"crossref","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: SPRESSO: a secure, privacy-respecting single sign-on system for the web. In: CCS, pp. 1358\u20131369 (2015)","DOI":"10.1145\/2810103.2813726"},{"key":"31_CR8","doi-asserted-by":"crossref","unstructured":"Hao, J., Liu, Y., Cai, W., Bai, G., Sun, J.: vTRUST: a formal modeling and verification framework for virtualization systems. In: ICFEM, pp. 329\u2013346 (2013)","DOI":"10.1007\/978-3-642-41202-8_22"},{"key":"31_CR9","unstructured":"Reuters: Facebook says data leak hits 87 million users, widening privacy scandal. https:\/\/www.reuters.com\/article\/us-facebook-privacy\/facebook-says-data-leak-hits-87-million-users-widening-privacy-scandal-idUSKCN1HB2CM"},{"key":"31_CR10","doi-asserted-by":"publisher","first-page":"71","DOI":"10.1016\/j.cose.2017.04.011","volume":"71","author":"Giada Sciarretta","year":"2017","unstructured":"Sciarretta, G., Carbone, R., Ranise, S., Armando, A.: Anatomy of the Facebook solution for mobile single sign-on: security assessment and improvements (2017)","journal-title":"Computers & Security"},{"issue":"4","key":"31_CR11","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1016\/j.cose.2012.02.005","volume":"31","author":"San-Tsai Sun","year":"2012","unstructured":"Sun, S.T., Hawkey, K., Beznosov, K.: Systematically breaking and fixing openID security: formal analysis, semi-automated empirical evaluation, and practical countermeasures. Comput. Secur. 31(4), 465\u2013483 (2012)","journal-title":"Computers & Security"},{"key":"31_CR12","series-title":"Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","doi-asserted-by":"publisher","first-page":"763","DOI":"10.1007\/978-3-319-78813-5_41","volume-title":"Security and Privacy in Communication Networks","author":"K Wang","year":"2018","unstructured":"Wang, K., Bai, G., Dong, N., Dong, J.S.: A framework for formal analysis of privacy on SSO protocols. In: Lin, X., Ghorbani, A., Ren, K., Zhu, S., Zhang, A. (eds.) SecureComm 2017. LNICST, vol. 238, pp. 763\u2013777. Springer, Cham (2018). https:\/\/doi.org\/10.1007\/978-3-319-78813-5_41"},{"key":"31_CR13","doi-asserted-by":"crossref","unstructured":"Wang, R., Chen, S., Wang, X.: Signing me onto your accounts through Facebook and Google: a traffic-guided security study of commercially deployed single-sign-on web services. In: IEEE S&P (2012)","DOI":"10.1109\/SP.2012.30"},{"key":"31_CR14","unstructured":"Wang, R., Zhou, Y., Chen, S., Qadeer, S., Evans, D., Gurevich, Y.: Explicating SDKs: uncovering assumptions underlying secure authentication and authorization. In: USENIX Security, pp. 399\u2013414 (2013)"},{"key":"31_CR15","doi-asserted-by":"crossref","unstructured":"Ye, Q., Bai, G., Wang, K., Dong, J.S.: Formal analysis of a single sign-on protocol implementation for Android. In: ICECCS, pp. 90\u201399 (2015)","DOI":"10.1109\/ICECCS.2015.20"}],"container-title":["Lecture Notes in Computer Science","Formal Methods and Software Engineering"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-030-02450-5_31","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2019,10,26]],"date-time":"2019-10-26T06:08:11Z","timestamp":1572070091000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-030-02450-5_31"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783030024499","9783030024505"],"references-count":15,"URL":"https:\/\/doi.org\/10.1007\/978-3-030-02450-5_31","relation":{},"ISSN":["0302-9743","1611-3349"],"issn-type":[{"type":"print","value":"0302-9743"},{"type":"electronic","value":"1611-3349"}],"subject":[],"published":{"date-parts":[[2018]]},"assertion":[{"value":"ICFEM","order":1,"name":"conference_acronym","label":"Conference Acronym","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"International Conference on Formal Engineering Methods","order":2,"name":"conference_name","label":"Conference Name","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Gold Coast, QLD","order":3,"name":"conference_city","label":"Conference City","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Australia","order":4,"name":"conference_country","label":"Conference Country","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"2018","order":5,"name":"conference_year","label":"Conference Year","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"12 November 2018","order":7,"name":"conference_start_date","label":"Conference Start Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"16 November 2018","order":8,"name":"conference_end_date","label":"Conference End Date","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"20","order":9,"name":"conference_number","label":"Conference Number","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"icfem2018","order":10,"name":"conference_id","label":"Conference ID","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"http:\/\/www.formal-analysis.com\/icfem\/2018\/","order":11,"name":"conference_url","label":"Conference URL","group":{"name":"ConferenceInfo","label":"Conference Information"}},{"value":"Open","order":1,"name":"type","label":"Type","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"EasyChair","order":2,"name":"conference_management_system","label":"Conference Management System","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"66","order":3,"name":"number_of_submissions_sent_for_review","label":"Number of Submissions Sent for Review","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"22","order":4,"name":"number_of_full_papers_accepted","label":"Number of Full Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"14","order":5,"name":"number_of_short_papers_accepted","label":"Number of Short Papers Accepted","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"33% - The value is computed by the equation \"Number of Full Papers Accepted \/ Number of Submissions Sent for Review * 100\" and then rounded to a whole number.","order":6,"name":"acceptance_rate_of_full_papers","label":"Acceptance Rate of Full Papers","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"3","order":7,"name":"average_number_of_reviews_per_paper","label":"Average Number of Reviews per Paper","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"4","order":8,"name":"average_number_of_papers_per_reviewer","label":"Average Number of Papers per Reviewer","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}},{"value":"Yes","order":9,"name":"external_reviewers_involved","label":"External Reviewers Involved","group":{"name":"ConfEventPeerReviewInformation","label":"Peer Review Information"}}]}}