{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,11,17]],"date-time":"2025-11-17T02:55:24Z","timestamp":1763348124404},"publisher-location":"Cham","reference-count":20,"publisher":"Springer International Publishing","isbn-type":[{"type":"print","value":"9783319788128"},{"type":"electronic","value":"9783319788135"}],"license":[{"start":{"date-parts":[[2018,1,1]],"date-time":"2018-01-01T00:00:00Z","timestamp":1514764800000},"content-version":"unspecified","delay-in-days":0,"URL":"http:\/\/www.springer.com\/tdm"}],"content-domain":{"domain":["link.springer.com"],"crossmark-restriction":false},"short-container-title":[],"published-print":{"date-parts":[[2018]]},"DOI":"10.1007\/978-3-319-78813-5_41","type":"book-chapter","created":{"date-parts":[[2018,4,10]],"date-time":"2018-04-10T10:03:21Z","timestamp":1523354601000},"page":"763-777","update-policy":"http:\/\/dx.doi.org\/10.1007\/springer_crossmark_policy","source":"Crossref","is-referenced-by-count":8,"title":["A Framework for Formal Analysis of Privacy on SSO Protocols"],"prefix":"10.1007","author":[{"given":"Kailong","family":"Wang","sequence":"first","affiliation":[]},{"given":"Guangdong","family":"Bai","sequence":"additional","affiliation":[]},{"given":"Naipeng","family":"Dong","sequence":"additional","affiliation":[]},{"given":"Jin Song","family":"Dong","sequence":"additional","affiliation":[]}],"member":"297","published-online":{"date-parts":[[2018,4,11]]},"reference":[{"doi-asserted-by":"crossref","unstructured":"Wang, R., Chen, S., Wang, X.: Signing me onto your accounts through Facebook and Google: a traffic-guided security study of commercially deployed single-sign-on web services. In: IEEE S&P (2012)","key":"41_CR1","DOI":"10.1109\/SP.2012.30"},{"doi-asserted-by":"crossref","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: An expressive model for the web infrastructure: definition and application to the BrowserID SSO system. In: IEEE S&P (2014)","key":"41_CR2","DOI":"10.1109\/SP.2014.49"},{"key":"41_CR3","doi-asserted-by":"publisher","first-page":"43","DOI":"10.1007\/978-3-319-24174-6_3","volume-title":"Computer Security -- ESORICS 2015","author":"Daniel Fett","year":"2015","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: Analyzing the BrowserID SSO system with primary identity providers using an expressive model of the web. In: ESORICS, pp. 43\u201365 (2015)"},{"unstructured":"Bai, G., Lei, J., Meng, G., Venkatraman, S.S., Saxena, P., Sun, J., Liu, Y., Dong, J.S.: AuthScan: automatic extraction of web authentication protocols from implementations. In: NDSS (2013)","key":"41_CR4"},{"key":"41_CR5","doi-asserted-by":"publisher","first-page":"465","DOI":"10.1016\/j.cose.2012.02.005","volume":"31","author":"S-T Sun","year":"2012","unstructured":"Sun, S.-T., Hawkey, K., Beznosov, K.: Systematically breaking and fixing openid security: formal analysis, semi-automated empirical evaluation, and practical countermeasures. Comput. Secur. 31, 465\u2013483 (2012)","journal-title":"Comput. Secur."},{"doi-asserted-by":"crossref","unstructured":"Ye, Q., Bai, G., Wang, K., Dong, J.S.: Formal analysis of a single sign-on protocol implementation for android. In: ICECCS, pp. 90\u201399 (2015)","key":"41_CR6","DOI":"10.1109\/ICECCS.2015.20"},{"unstructured":"Hanna, S., Shinz, E.C.R., Akhawe, D., Boehmz, A., Saxena, P., Song, D.: The emperor\u2019s new API: on the (in)secure usage of new client side primitives. In: W2SP (2010)","key":"41_CR7"},{"doi-asserted-by":"crossref","unstructured":"Armando, A., Carbone, R., Compagna, L., Cuellar, J., Tobarra, L.: Formal analysis of SAML 2.0 web browser single sign-on: breaking the SAML-based single sign-on for Google apps. In: Workshop on Formal Methods in Security Engineering (2008)","key":"41_CR8","DOI":"10.1145\/1456396.1456397"},{"issue":"3","key":"41_CR9","doi-asserted-by":"publisher","first-page":"104","DOI":"10.1145\/373243.360213","volume":"36","author":"Mart\u00edn Abadi","year":"2001","unstructured":"Abadi, M., Fournet, C.: Mobile values, new names, and secure communication. In: POPL, pp. 104\u2013115 (2001)","journal-title":"ACM SIGPLAN Notices"},{"doi-asserted-by":"crossref","unstructured":"Blanchet, B.: An efficient cryptographic protocol verifier based on prolog rules. In: CSFW, pp. 82\u201396 (2001)","key":"41_CR10","DOI":"10.1109\/CSFW.2001.930138"},{"key":"41_CR11","doi-asserted-by":"publisher","first-page":"435","DOI":"10.3233\/JCS-2009-0340","volume":"17","author":"S Delaune","year":"2009","unstructured":"Delaune, S., Kremer, S., Ryan, M.: Verifying privacy-type properties of electronic voting protocols. J. Comput. Secur. 17, 435\u2013487 (2009)","journal-title":"J. Comput. Secur."},{"doi-asserted-by":"crossref","unstructured":"Fett, D., K\u00fcsters, R., Schmitz, G.: SPRESSO: a secure, privacy-respecting single sign-on system for the web. In: CCS, pp. 1358\u20131369 (2015)","key":"41_CR12","DOI":"10.1145\/2810103.2813726"},{"key":"41_CR13","doi-asserted-by":"publisher","first-page":"198","DOI":"10.1109\/TIT.1983.1056650","volume":"29","author":"D Dolev","year":"1983","unstructured":"Dolev, D., Yao, A.C.C.: On the security of public key protocols. IEEE Trans. Inf. Theory 29, 198\u2013207 (1983)","journal-title":"IEEE Trans. Inf. Theory"},{"doi-asserted-by":"crossref","unstructured":"Jackson, D.: In: Tools and Algorithms for the Construction and Analysis of Systems: 8th International Conference, TACAS, p. 20 (2002)","key":"41_CR14","DOI":"10.1007\/3-540-46002-0_2"},{"doi-asserted-by":"crossref","unstructured":"Kerschbaum, F.: Simple cross-site attack prevention. In: Workshop on Security and Privacy in Communications Networks, pp. 464\u2013472 (2007)","key":"41_CR15","DOI":"10.1109\/SECCOM.2007.4550368"},{"key":"41_CR16","first-page":"110","volume-title":"Lecture Notes in Computer Science","author":"Guangdong Bai","year":"2014","unstructured":"Bai, G., Hao, J., Wu, J., Liu, Y., Liang, Z., Martin, A.: Trustfound: towards a formal foundation for model checking trusted computing platforms. In: FM, pp. 110\u2013126 (2014)"},{"key":"41_CR17","doi-asserted-by":"publisher","first-page":"329","DOI":"10.1007\/978-3-642-41202-8_22","volume-title":"Formal Methods and Software Engineering","author":"Jianan Hao","year":"2013","unstructured":"Hao, J., Liu, Y., Cai, W., Bai, G., Sun, J.: vTRUST: a formal modeling and verification framework for virtualization systems. In: ICFEM, pp. 329\u2013346 (2013)"},{"doi-asserted-by":"crossref","unstructured":"Akhawe, D., Barth, A., Lam, P.E., Mitchell, J., Song, D.: Towards a formal foundation of web security. In: CSF, pp. 290\u2013304 (2010)","key":"41_CR18","DOI":"10.1109\/CSF.2010.27"},{"key":"41_CR19","first-page":"126","volume-title":"Lecture Notes in Computer Science","author":"Chetan Bansal","year":"2013","unstructured":"Bansal, C., Bhargavan, K., Delignat-Lavaud, A., Maffei, S.: Keys to the cloud: formal analysis and concrete attacks on encrypted web storage. In: POST, pp. 126\u2013146 (2013)"},{"doi-asserted-by":"crossref","unstructured":"Bansal, C., Bhargavan, K., Maffeis, S.: Discovering concrete attacks on website authorization by formal analysis. In: CSF, pp. 247\u2013262 (2012)","key":"41_CR20","DOI":"10.1109\/CSF.2012.27"}],"container-title":["Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering","Security and Privacy in Communication Networks"],"original-title":[],"link":[{"URL":"http:\/\/link.springer.com\/content\/pdf\/10.1007\/978-3-319-78813-5_41","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2020,10,31]],"date-time":"2020-10-31T12:24:22Z","timestamp":1604147062000},"score":1,"resource":{"primary":{"URL":"http:\/\/link.springer.com\/10.1007\/978-3-319-78813-5_41"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2018]]},"ISBN":["9783319788128","9783319788135"],"references-count":20,"URL":"https:\/\/doi.org\/10.1007\/978-3-319-78813-5_41","relation":{},"ISSN":["1867-8211","1867-822X"],"issn-type":[{"type":"print","value":"1867-8211"},{"type":"electronic","value":"1867-822X"}],"subject":[],"published":{"date-parts":[[2018]]}}}