{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:15:18Z","timestamp":1750306518751,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":21,"publisher":"ACM","license":[{"start":{"date-parts":[[2014,10,1]],"date-time":"2014-10-01T00:00:00Z","timestamp":1412121600000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"funder":[{"DOI":"10.13039\/501100004853","name":"Chinese University of Hong Kong","doi-asserted-by":"publisher","award":["project number 4055031"],"award-info":[{"award-number":["project number 4055031"]}],"id":[{"id":"10.13039\/501100004853","id-type":"DOI","asserted-by":"publisher"}]}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2014,10]]},"DOI":"10.1145\/2660460.2660463","type":"proceedings-article","created":{"date-parts":[[2014,10,1]],"date-time":"2014-10-01T13:35:08Z","timestamp":1412170508000},"page":"271-278","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":18,"title":["Application impersonation"],"prefix":"10.1145","author":[{"given":"Pili","family":"Hu","sequence":"first","affiliation":[{"name":"The Chinese University of Hong Kong, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Ronghai","family":"Yang","sequence":"additional","affiliation":[{"name":"The Chinese University of Hong Kong, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yue","family":"Li","sequence":"additional","affiliation":[{"name":"College of William and Mary, Virginia, USA"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Wing Cheong","family":"Lau","sequence":"additional","affiliation":[{"name":"The Chinese University of Hong Kong, Hong Kong, Hong Kong"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2014,10]]},"reference":[{"key":"e_1_3_2_1_1_1","doi-asserted-by":"crossref","unstructured":"E. Hammer-Lahav \"The oauth 1.0 protocol \" April 2010. RFC5849.  E. Hammer-Lahav \"The oauth 1.0 protocol \" April 2010. RFC5849.","DOI":"10.17487\/rfc5849"},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"crossref","unstructured":"D. Hardt \"The oauth 2.0 authorization framework \" October 2012. RFC6749.  D. Hardt \"The oauth 2.0 authorization framework \" October 2012. RFC6749.","DOI":"10.17487\/rfc6749"},{"key":"e_1_3_2_1_3_1","volume-title":"Oauth 2.0 threat model and security considerations","author":"Lodderstedt T.","year":"2013","unstructured":"T. Lodderstedt , M. McGloin , and P. Hunt , \" Oauth 2.0 threat model and security considerations ,\" January 2013 . RFC 6819. T. Lodderstedt, M. McGloin, and P. Hunt, \"Oauth 2.0 threat model and security considerations,\" January 2013. RFC6819."},{"key":"e_1_3_2_1_4_1","volume-title":"The oauth 2.0 authorization framework: Bearer token usage","author":"Jones M.","year":"2012","unstructured":"M. Jones and D. Hardt , \" The oauth 2.0 authorization framework: Bearer token usage ,\" October 2012 . RFC 6750. M. Jones and D. Hardt, \"The oauth 2.0 authorization framework: Bearer token usage,\" October 2012. RFC6750."},{"key":"e_1_3_2_1_5_1","volume-title":"MAC access authentication","author":"Hammer-Lahav E.","year":"2012","unstructured":"E. Hammer-Lahav , \" HTTP authentication : MAC access authentication ,\" Feb 2012 . E. Hammer-Lahav, \"HTTP authentication: MAC access authentication,\" Feb 2012."},{"key":"e_1_3_2_1_6_1","volume-title":"Universally composable security analysis of oauth v2.0,\" IACR Cryptology ePrint Archive","author":"Chari S.","year":"2011","unstructured":"S. Chari , C. S. Jutla , and A. Roy , \" Universally composable security analysis of oauth v2.0,\" IACR Cryptology ePrint Archive , vol. 2011 , p. 526, 2011 . S. Chari, C. S. Jutla, and A. Roy, \"Universally composable security analysis of oauth v2.0,\" IACR Cryptology ePrint Archive, vol. 2011, p. 526, 2011."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSNT.2011.141"},{"key":"e_1_3_2_1_9_1","doi-asserted-by":"publisher","DOI":"10.1109\/CSF.2012.27"},{"key":"e_1_3_2_1_10_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2012.30"},{"key":"e_1_3_2_1_11_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382238"},{"key":"e_1_3_2_1_12_1","volume-title":"Authscan: Automatic extraction of web authentication protocols from implementations,\" in Network and Distributed System Security Symposium","author":"Bai G.","year":"2013","unstructured":"G. Bai , J. Lei , G. Meng , S. S. Venkatraman , P. Saxena , J. Sun , Y. Liu , and J. S. Dong , \" Authscan: Automatic extraction of web authentication protocols from implementations,\" in Network and Distributed System Security Symposium , 2013 . G. Bai, J. Lei, G. Meng, S. S. Venkatraman, P. Saxena, J. Sun, Y. Liu, and J. S. Dong, \"Authscan: Automatic extraction of web authentication protocols from implementations,\" in Network and Distributed System Security Symposium, 2013."},{"key":"e_1_3_2_1_13_1","doi-asserted-by":"publisher","DOI":"10.1145\/1102199.1102214"},{"key":"e_1_3_2_1_14_1","volume-title":"A study of privacy settings errors in an online social network,\" in PERCOM Workshops","author":"Madejski M.","year":"2012","unstructured":"M. Madejski , M. Johnson , and S. M. Bellovin , \" A study of privacy settings errors in an online social network,\" in PERCOM Workshops , 2012 . M. Madejski, M. Johnson, and S. M. Bellovin, \"A study of privacy settings errors in an online social network,\" in PERCOM Workshops, 2012."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/2068816.2068823"},{"key":"e_1_3_2_1_17_1","doi-asserted-by":"publisher","DOI":"10.1145\/2078827.2078841"},{"key":"e_1_3_2_1_18_1","volume-title":"Privacy protection for social networking apis,\" W2SP","author":"Felt A.","year":"2008","unstructured":"A. Felt and D. Evans , \" Privacy protection for social networking apis,\" W2SP , 2008 . A. Felt and D. Evans, \"Privacy protection for social networking apis,\" W2SP, 2008."},{"key":"e_1_3_2_1_19_1","doi-asserted-by":"publisher","DOI":"10.1109\/SP.2009.22"},{"key":"e_1_3_2_1_20_1","first-page":"3118","volume-title":"Estimating age privacy leakage in online social networks,\" in IEEE INFOCOM","author":"Dey R.","year":"2012","unstructured":"R. Dey , C. Tang , K. Ross , and N. Saxena , \" Estimating age privacy leakage in online social networks,\" in IEEE INFOCOM , p. 3118 , 2012 . R. Dey, C. Tang, K. Ross, and N. Saxena, \"Estimating age privacy leakage in online social networks,\" in IEEE INFOCOM, p. 3118, 2012."},{"key":"e_1_3_2_1_21_1","doi-asserted-by":"publisher","DOI":"10.1145\/1519065.1519089"},{"key":"e_1_3_2_1_22_1","doi-asserted-by":"publisher","DOI":"10.1145\/1879141.1879190"},{"key":"e_1_3_2_1_23_1","unstructured":"Anonymous \"Crawling Renren by ID space enumeration.\" unpublished (Private Communication) 2010.  Anonymous \"Crawling Renren by ID space enumeration.\" unpublished (Private Communication) 2010."}],"event":{"name":"COSN'14: Conference on Online Social Networks","sponsor":["ACM Association for Computing Machinery"],"location":"Dublin Ireland","acronym":"COSN'14"},"container-title":["Proceedings of the second ACM conference on Online social networks"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2660460.2660463","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2660460.2660463","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T06:11:54Z","timestamp":1750227114000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2660460.2660463"}},"subtitle":["problems of OAuth and API design in online social networks"],"short-title":[],"issued":{"date-parts":[[2014,10]]},"references-count":21,"alternative-id":["10.1145\/2660460.2660463","10.1145\/2660460"],"URL":"https:\/\/doi.org\/10.1145\/2660460.2660463","relation":{},"subject":[],"published":{"date-parts":[[2014,10]]},"assertion":[{"value":"2014-10-01","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}