Security

Recommendation Models for Open Authorization

Free registration required

Executive Summary

Major online platforms such as Facebook, Google, and Twitter allow third-party applications such as games, and productivity applications access to user online private data. Such accesses must be authorized by users at installation time. The Open Authorization protocol (OAuth) was introduced as a secure and efficient method for authorizing third-party applications without releasing a user's access credentials. However, OAuth implementations don't provide the necessary fine-grained access control, nor any recommendations, i.e., which access control decisions are most appropriate.

  • Format: PDF
  • Size: 2327.79 KB