Automated Risk Assessment and Trade-Off Analysis of OpenID Connect and OAuth 2.0 Deployments
This website contains supplementary material related to the paper "Automated Risk Assessment and Trade-Off Analysis of OpenID Connect and OAuth 2.0 Deployments".
Supplementary Materials:
Supplementary Table S1. This table reports the relationship between IdP features and discovery endpoint JSON Keys. (cf. Section 4.1)
Supplementary Table S2. This table reports the list of well-known IdPs and their specification. (cf. Section 4.1)
Supplementary Table S3. This table reports FAPI and OAuth/OIDC Security BCPs. (cf. Section 3.2)
Supplementary Table S4. This table reports the complete OAuth/OIDC Reference Model concerning all response types. (cf. Section 3.2)
Supplementary Table S5. This table reports the definition of atomic features. (cf. Section 3.1)
BCP-Compliant Authorization/Token Requests Schemas. This image represents BCP-Compliant Authorization/Token Requests. (cf. Section 3.2)
IdMP BCP Checker Algorithm:
IdMP BCP Checker Algorithm. This algorithm represents the procedure performed within our tool to check the IdMP against BCPs. (cf. Section 4.2)
IdMP Specification Questionnaires:
IdMP Specification Questionnaire. It represents a list of questions related to the atomic features reported in the reference model. (cf. Section 4.1)
Protection/Likelihood Level Calculation:
Protection and Likelihood Level. It provides a definition, together with the rationale behind the values assigned, for each atomic feature. (cf. Section 3.1)
Developed within the Security & Trust Research Unit at Fondazione Bruno Kessler (Italy).