{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2026,4,30]],"date-time":"2026-04-30T23:21:02Z","timestamp":1777591262142,"version":"3.51.4"},"publisher-location":"New York, NY, USA","reference-count":16,"publisher":"ACM","license":[{"start":{"date-parts":[[2020,3,31]],"date-time":"2020-03-31T00:00:00Z","timestamp":1585612800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2020,3,31]]},"DOI":"10.1145\/3386723.3387888","type":"proceedings-article","created":{"date-parts":[[2020,5,25]],"date-time":"2020-05-25T18:06:11Z","timestamp":1590429971000},"page":"1-7","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":8,"title":["Web OAuth-based SSO Systems Security"],"prefix":"10.1145","author":[{"given":"Yassine","family":"Sadqi","sequence":"first","affiliation":[{"name":"Laboratory LIMATI, FPBM, USMS University, Beni Mellal, Morocco"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Yousra","family":"Belfaik","sequence":"additional","affiliation":[{"name":"Laboratory LIMATI, FPBM, USMS University, Beni Mellal, Morocco"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Said","family":"Safi","sequence":"additional","affiliation":[{"name":"Laboratory LIMATI, FPBM, USMS Univesity, Beni Mellal, Morocco"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2020,5,18]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"et al","author":"Bai G.","year":"2013","unstructured":"Bai , G. et al . 2013 . AUTHSCAN : Automatic Extraction of Web Authentication Protocols from Implementations. the 20th Network & Distributed System Security Symposium (NDSS) ( 2013). Bai, G. et al. 2013. AUTHSCAN: Automatic Extraction of Web Authentication Protocols from Implementations. the 20th Network & Distributed System Security Symposium (NDSS) (2013)."},{"key":"e_1_3_2_1_2_1","doi-asserted-by":"publisher","DOI":"10.3233\/JCS-140503"},{"key":"e_1_3_2_1_3_1","volume-title":"27th USENIX Security Symposium USENIX Security 18","author":"Calzavara S.","year":"2018","unstructured":"Calzavara , S. et al. 2018. WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring . 27th USENIX Security Symposium USENIX Security 18 ( 2018 ), 1493--1510. Calzavara, S. et al. 2018. WPSE: Fortifying Web Protocols via Browser-Side Security Monitoring. 27th USENIX Security Symposium USENIX Security 18 (2018), 1493--1510."},{"key":"e_1_3_2_1_4_1","volume-title":"et al","author":"Chari S.","year":"2011","unstructured":"Chari , S. et al . 2011 . Universally Composable Security Analysis of OAuth v2. 0. IACR Cryptology ePrint Archive . 2011, (2011), 526. Chari, S. et al. 2011. Universally Composable Security Analysis of OAuth v2. 0. IACR Cryptology ePrint Archive. 2011, (2011), 526."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1016\/j.infsof.2016.02.005"},{"key":"e_1_3_2_1_6_1","doi-asserted-by":"publisher","DOI":"10.1145\/2976749.2978385"},{"key":"e_1_3_2_1_7_1","volume-title":"27th USENIX Security Symposium","author":"Ghasemisharif M.","year":"2018","unstructured":"Ghasemisharif , M. et al. 2018. O single sign-off, where art thou? an empirical analysis of single sign-on account hijacking and session management on the web . 27th USENIX Security Symposium ( 2018 ), 1475--1492. Ghasemisharif, M. et al. 2018. O single sign-off, where art thou? an empirical analysis of single sign-on account hijacking and session management on the web. 27th USENIX Security Symposium (2018), 1475--1492."},{"key":"e_1_3_2_1_8_1","doi-asserted-by":"publisher","DOI":"10.1145\/2660460.2660463"},{"key":"e_1_3_2_1_9_1","unstructured":"OAuth 2.0 Message Authentication Code (MAC) Tokens: 2012. https:\/\/tools.ietf.org\/id\/draft-ietf-oauth-v2-http-mac-02.html. Accessed: 2020-01-07.  OAuth 2.0 Message Authentication Code (MAC) Tokens: 2012. https:\/\/tools.ietf.org\/id\/draft-ietf-oauth-v2-http-mac-02.html. Accessed: 2020-01-07."},{"key":"e_1_3_2_1_10_1","unstructured":"RFC 6749 - The OAuth 2.0 Authorization Framework: https:\/\/tools.ietf.org\/html\/rfc6749. Accessed: 2020-01-06.  RFC 6749 - The OAuth 2.0 Authorization Framework: https:\/\/tools.ietf.org\/html\/rfc6749. Accessed: 2020-01-06."},{"key":"e_1_3_2_1_11_1","unstructured":"RFC 6819 - OAuth 2.0 Threat Model and Security Considerations: https:\/\/tools.ietf.org\/html\/rfc6819. Accessed: 2020-01-06.  RFC 6819 - OAuth 2.0 Threat Model and Security Considerations: https:\/\/tools.ietf.org\/html\/rfc6819. Accessed: 2020-01-06."},{"key":"e_1_3_2_1_12_1","doi-asserted-by":"publisher","DOI":"10.1145\/2382196.2382238"},{"key":"e_1_3_2_1_13_1","volume-title":"et al","author":"Wang R.","year":"2013","unstructured":"Wang , R. et al . 2013 . Explicating sdks: Uncovering assumptions underlying secure authentication and authorization. the 22nd USENIX Security Symposium ( 2013), 399--314. Wang, R. et al. 2013. Explicating sdks: Uncovering assumptions underlying secure authentication and authorization. the 22nd USENIX Security Symposium (2013), 399--314."},{"key":"e_1_3_2_1_14_1","doi-asserted-by":"publisher","DOI":"10.1145\/2897845.2897874"},{"key":"e_1_3_2_1_15_1","volume-title":"27th USENIX Security Symposium","author":"Yang R.","year":"2018","unstructured":"Yang , R. et al. 2018. Vetting Single Sign-On SDK: Implementations via Symbolic Reasoning . 27th USENIX Security Symposium ( 2018 ), 1459--1474. Yang, R. et al. 2018. Vetting Single Sign-On SDK: Implementations via Symbolic Reasoning. 27th USENIX Security Symposium (2018), 1459--1474."},{"key":"e_1_3_2_1_16_1","doi-asserted-by":"publisher","DOI":"10.1145\/3133956.3134089"}],"event":{"name":"NISS2020: The 3rd International Conference on Networking, Information Systems & Security","location":"Marrakech Morocco","acronym":"NISS2020"},"container-title":["Proceedings of the 3rd International Conference on Networking, Information Systems &amp; Security"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3386723.3387888","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/3386723.3387888","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,17]],"date-time":"2025-06-17T22:38:19Z","timestamp":1750199899000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/3386723.3387888"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2020,3,31]]},"references-count":16,"alternative-id":["10.1145\/3386723.3387888","10.1145\/3386723"],"URL":"https:\/\/doi.org\/10.1145\/3386723.3387888","relation":{},"subject":[],"published":{"date-parts":[[2020,3,31]]},"assertion":[{"value":"2020-05-18","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}