Authorization and authentication are cornerstones of computer security. As systems become larger, faster and more complex, authorization and authentication methods and protocols are proving to have limits and challenges. The research cited here explores new methods and techniques for improving security in cloud environments, efficient cryptographic computations, and exascale storage systems.

• “Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization”, Rui Wang, Yuchen Zhou , Shuo Chen, Shaz Qadeer, David Evans, and Yuri Gurevich, SEC'13: Proceedings of the 22nd USENIX conference on Security. August 2013. (ID#:14-1219) Available at: http://research.microsoft.com/apps/pubs/?id=193974

• “Authentication and Authorization for Native Mobile Applications using OAuth 2.0”Aas, Dag-Inge (Student thesis, Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, Department of Computer and Information Science) (ID#:14-1229) Available at: http://urn.kb.se/resolve?urn=urn:nbn:no:ntnu:diva-22969 Given the recent concerns about security and ease-of-use surrounding OAuth 2.0, the author reviews four approaches to mobile authorization using OAuth 2.0, and suggests a solution that, although improved, is still not completely secure.

• “Practical out-of-band authentication for mobile applications” Kapil Singh, Larry Koved, Middleware Industry '13: Proceedings of the Industrial Track of the 13th ACM/IFIP/USENIX International Middleware Conference December 2013 (ID#:14-1220) Available at: http://dl.acm.org/citation.cfm?id=2541596.2541599&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required)

• A Guide to Claims-Based Identity and Access Control: Authentication and Authorization for Services and the Web.(2d Edition) Dominick Baier, Vittorio Bertocci, Keith Brown, Scott Densmore, Eugenio Pace, Matias Woloski. (ID#:14-1221) Available for download at: http://dl.acm.org/citation.cfm?id=2523246&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required).

• “Visual authentication: a secure single step authentication for user authorization” Luis Roalter, Matthias Kranz, Andreas Möller, Stefan Diewald, Tobias Stockinger, Marion Koelle, Patrick Lindemann. Proceedings of the 12th International Conference on Mobile and Ubiquitous Multimedia December 2013. (ID#:14-1222) Available at: http://dl.acm.org/citation.cfm?id=2541831.2541863&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required). The authors present a distributed authentication and authorization procedure that can increase security while at the same time providing fast authentication on public networks

• “A Framework for Authentication and Authorization Credentials in Cloud Computing” Nelson Mimura Gonzalez, Marco Antônio Torrez Rojas, Marcos Vinícius Maciel da Silva, Fernando Redígolo, Tereza Cristina Melo de Brito Carvalho, Charles Christian Miers, Mats Näslund, Abu Shohel Ahmed. TRUSTCOM '13: Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications July 2013 (ID#:14-1223) Available at: http://dl.acm.org/citation.cfm?id=2554136.2554202&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required)

• “Security and performance evaluation of security protocols” Richard Brooks, Benafsh Husain, SeokBae Yun, Juan Deng . CSIIRW '13: Proceedings of the Eighth Annual Cyber Security and Information Intelligence Research Workshop January 2013. (ID#:14-1224) Available at: http://dl.acm.org/citation.cfm?id=2459976.2459979&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required)

• “Design and Implementation of Authentication and Authorization Flow in ESCP System” Chundong Wang, Guangming Bo, Yaohui Zhang. EIDWT '13: Proceedings of the 2013 Fourth International Conference on Emerging Intelligent Data and Web Technologies September 2013 (ID#:14-1225) Available at: http://dl.acm.org/citation.cfm?id=2547445.2547607&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required)

• “Authentication, Authorization and File Synchronization in Hybrid Cloud: On Case of Google Docs, Hadoop and Linux Local Hosts” Johannes K. Chiang, Eric H. -W. Yen, Yen-Hua Chen. ISBAST '13: Proceedings of the 2013 International Symposium on Biometrics and Security Technologies July 2013 (ID#:14-1226) Available at: http://dl.acm.org/citation.cfm?id=2551528.2551566&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required)

• “An enhanced mechanism with cryptographic computation cost reduction in AAA-mobile IP architecture“ Pham Ngoc Thanh, Keecheon Kim. ICUIMC '13: Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication January 2013 (ID#:14-1227) Available at: http://dl.acm.org/citation.cfm?id=2448556.2448662&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required) This paper proposes a new authentication mechanism which lessens heavy cryptographic to facilitate key distribution.

• “Logical foundations of secure resource management in protocol implementations” Michele Bugliesi, Stefano Calzavara, Fabienne Eigner, Matteo Maffei , POST'13: Proceedings of the Second international conference on Principles of Security and Trust March 2013 (ID#:14-1228) Available at: http://dl.acm.org/citation.cfm?id=2450461.2450471&coll=DL&dl=GUIDE&CFID=296356373&CFTOKEN=68261084 (fee required)

Note:

Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) SecureDataBank.net for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.