Slide 32
Slide 32 text
32
参考⽂献
• [1] https://github.com/oidc-scenario-based-tester/osbt
• [2] https://qiita.com/melonattacker/items/ba6718feb8864dbdd2bf
• [3] https://github.com/melonattacker/oidc-access-control
• [4] Ethan Heilman, Lucie Mugnier, Athanasios Filippidis, Sharon Goldberg et al, "OpenPubkey:
Augmenting OpenID Connect with User held Signing Keys", Cryptology ePrint Archive, 2023.
• [5] Nick Nikiforakis, Wannes Meert, Yves Younan, Martin Johns, Wouter Joosen, "SessionShield:
Lightweight Protection against Session Hijacking", In Proceedings of the 3rd International
Symposium on Engineering Secure Software and Systems (ESSoS 2011), 2011.
• [6] Michele Bugliesi, Stefano Calzavara, Riccardo Focardi, Wilayat Khan, "CookiExt: Patching the
browser against session hijacking attacks", Journal of Computer Security, vol. 23, no. 4, pp. 509-
537, 2015.
• [7] Italo Dacosta, Saurabh Chakradeo, Mustaque Ahamad, Patrick Traynor, "One-time cookies:
Preventing session hijacking attacks with stateless authentication tokens", ACM Transactions on
Internet Technology, vol. 12, no. 1, pp. 1-24, 2012.
• [8] Philippe De Ryck, Lieven Desmet, Frank Piessens, Wouter Joosen, "SecSess: Keeping your
Session Tucked Away in your Browser", In Proceedings of the 30th Annual ACM Symposium on
Applied Computing (SAC 2015), 2015.
• 画像
• https://flaticon.com
• https://ftsafe.co.jp/products/fido/