Analiza ranjivosti protokola OAuth 2.0

Bijelić, Adrian

prikaz prve stranice dokumenta Analiza ranjivosti protokola OAuth 2.0

No public access

master's thesis

Analiza ranjivosti protokola OAuth 2.0

2020. urn:nbn:hr:168:503528

Bijelić, Adrian

University of Zagreb
Faculty of Electrical Engineering and Computing

Cite this document

APA 6th Edition

Bijelić, A. (2020). Analiza ranjivosti protokola OAuth 2.0 (Master's thesis). Zagreb: University of Zagreb, Faculty of Electrical Engineering and Computing. Retrieved from https://urn.nsk.hr/urn:nbn:hr:168:503528

MLA 8th Edition

Bijelić, Adrian. "Analiza ranjivosti protokola OAuth 2.0." Master's thesis, University of Zagreb, Faculty of Electrical Engineering and Computing, 2020. https://urn.nsk.hr/urn:nbn:hr:168:503528

Chicago 17th Edition

Bijelić, Adrian. "Analiza ranjivosti protokola OAuth 2.0." Master's thesis, University of Zagreb, Faculty of Electrical Engineering and Computing, 2020. https://urn.nsk.hr/urn:nbn:hr:168:503528

Harvard

Bijelić, A. (2020). 'Analiza ranjivosti protokola OAuth 2.0', Master's thesis, University of Zagreb, Faculty of Electrical Engineering and Computing, accessed 11 April 2024, https://urn.nsk.hr/urn:nbn:hr:168:503528

Vancouver

Bijelić A. Analiza ranjivosti protokola OAuth 2.0 [Master's thesis]. Zagreb: University of Zagreb, Faculty of Electrical Engineering and Computing; 2020 [cited 2024 April 11] Available at: https://urn.nsk.hr/urn:nbn:hr:168:503528

IEEE

A. Bijelić, "Analiza ranjivosti protokola OAuth 2.0", Master's thesis, University of Zagreb, Faculty of Electrical Engineering and Computing, Zagreb, 2020. Available at: https://urn.nsk.hr/urn:nbn:hr:168:503528

Cite this item: https://urn.nsk.hr/urn:nbn:hr:168:503528

Please login to the repository to save this object to your list.

Metadata

Title	Analiza ranjivosti protokola OAuth 2.0
Title (english)	OAuth 2.0 Protocol Vulnerability Analysis
Author	Adrian Bijelić
Mentor	Marin Vuković (mentor)
Committee member	Marin Vuković (predsjednik povjerenstva)
Committee member	Miljenko Mikuc (član povjerenstva)
Committee member	Dragan Jevtić (član povjerenstva)
Granter	University of Zagreb Faculty of Electrical Engineering and Computing Zagreb
Defense date and country	2020-07-08, Croatia
Scientific / art field, discipline and subdiscipline	TECHNICAL SCIENCES Computing
Abstract	OAuth je protokol definiran kao industrijski standard koji služi za autorizaciju. Zamišljen je kao jednostavna apstrakcija koja pruža autorizaciju za mnoge aplikacije. Apstrakcija dopušta različite tipove autorizacije. Postoji tako tip koji se temelji na autorizacijskom kodu, implicitni tip, tip koji se temelji na lozinki, tip koji se temelji na pristupnim podacima, tip koji se temelji na kodu uređaja i tip koji se temelji na osvježavajućem tokenu. Preporučeno je koristiti tip temeljen na autorizacijskom kodu jer je najsigurniji. Kao i svaki drugi protokol, OAuth nije u potpunosti siguran. Ono što ga činim sigurnim jesu sustavi koji ga koriste. Dovoljan je jedan sustav koji je nesiguran kako bi čitav protokol bio nesiguran. Kako bi sigurnost bila bolja, na tržištu su se pojavile implementacije autorizacijskih poslužitelja koji koriste protokol OAuth. Ideja je takvih poslužitelja odvojiti funkcionalnost autorizacije i uz to održavati razinu sigurnosti. Jedan takav autorizacijski poslužitelj je Keycloak. Problem je s klijentima koji i dalje ovise o implementaciji programera. Za napadača je dovoljan propust na klijentu, tako da sigurnost najviše ovisi o implementaciji klijenta, ali i o protokolima koji dohvaćaju kod klijenta na pretraživačima.
Abstract (english)	OAuth is a protocol defined as an industry standard used for authorization. It is designed as an abstraction for many applications that provides authorization. It allows for different types of authorization. There are authorization code, implicit, password, client credential, a device code, and a refresh token. It is recommended to use the type based on the authorization code because it is the most secure. Like any other protocol, OAuth is not secure. Its security depends on the systems that use it. One insecure system is enough to make the whole protocol are insecure. To improve security, implementations of authorization servers using the OAuth protocol have appeared on the market. The idea of such servers is to separate the authorization functionality and at the same time maintain the level of security. One such authorization server is Keycloak. The problem remains with clients who still depend on the implementation of the developer. As other servers can be built using security plug-ins, security is most dependent on a client deployment. In addition to the client, another major threat is insecure protocols that retrieve the client.
Keywords
Keywords (english)
Language	croatian
URN:NBN	urn:nbn:hr:168:503528
Study programme	Title: Computing Study programme type: university Study level: graduate Academic / professional title: magistar/magistra inženjer/inženjerka računarstva (magistar/magistra inženjer/inženjerka računarstva)
Type of resource	Text
File origin	Born digital
Access conditions	Closed access
Terms of use
Public note
Created on	2023-01-13 09:46:43