For students and professors

We think that security analysis of real-world SSO mechanisms may have great educational value, especially for students who are studying web services security, security protocol verification, and related topics. So if you are a student or a professor who wants to use the topic for a course project, feel free to take a look at the following sample project we designed for you. You are of course very welcome to come up with your own design. Shoot an email to ruiwanATmicrosoftDOTcom if you need any help.

Course Project: Security Analysis of Web Single-Sign-On Mechanisms

Description: In recent years we have seen the first large-scale deployment of Web Single-Sign-On (web SSO) services, provided by Facebook, Google, Twitter, Microsoft, and others. Billions of web accounts have been enabled to use these SSO services, so their security has become critical. In this course project, you will have the opportunity to study real-world websites and evaluate the security quality of their SSO mechanisms. You are strongly encouraged to find practical vulnerabilities, which will have real-world impact.

Tools:

  1. You will need to learn how to capture raw web traffic using the Firefox add-on Live HTTP Headers.
  2. You also need to learn how to use the traffic analysis tool called BRM Analyzer to extract the semantic information of an SSO mechanism from web traffic. The documentation can be accessed here.
  3. There is a forum on which you can discuss your analysis results with others.

Steps:

  1. Read the paper on web SSO security bugs.
  2. Install Live HTTP Headers in the Firefox browser. Learn how to use it to capture traffic.
  3. Learn how to use the BRM Analyzer by reading its documentation. BRM Analyzer is an online tool, so no installation is required.
  4. Pick a website which uses SSO services. I will provide a list of interesting websites for you to choose, but feel free to find one which is not in the list. For example, you can pick sears.com, which uses Facebook Login.
  5. Use Live HTTP Headers and BRM Analyzer to extract the communication model of the SSO login.
  6. Study the attack opportunities under three attack scenarios: malicious browser, malicious RP, and malicious website. Design and run tests to verify the attack opportunities that you see.
  7. Write a technical report regarding this security analysis.
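As an added example (not part of this project page, the paper, or the BRM Analyzer tool), the Python script below turns a constructed, simplified Live HTTP Headers-style capture into the kind of communication model step 5 asks for: which party sends which parameters to whom, and which server issued each value through a redirect. The host names, paths and parameter values are assumptions, not a real capture.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample in the style of a Live HTTP Headers dump: request line and headers, a blank
# line, then the response status line and headers; entries separated by dashes. Hosts, paths
# and values are illustrative assumptions, not a real capture.
CAPTURE = """\
GET /login?provider=idp HTTP/1.1
Host: www.rp.example

HTTP/1.1 302 Found
Location: https://www.idp.example/oauth?redirect_uri=https%3A%2F%2Fwww.rp.example%2Fcb&state=xyz
----------------------------------------------------------
GET /oauth?redirect_uri=https%3A%2F%2Fwww.rp.example%2Fcb&state=xyz HTTP/1.1
Host: www.idp.example

HTTP/1.1 302 Found
Location: https://www.rp.example/cb?code=SAMPLECODE&state=xyz
----------------------------------------------------------
GET /cb?code=SAMPLECODE&state=xyz HTTP/1.1
Host: www.rp.example

HTTP/1.1 200 OK
"""

def _parse_block(block):
    """Split one request or response block into (first line, {lower-cased header: value})."""
    first, *rest = block.strip().splitlines()
    return first, {k.strip().lower(): v.strip() for k, v in (l.split(":", 1) for l in rest if ":" in l)}

def communication_model(capture):
    """List the login as (sender, receiver, params). A request is browser -> Host; a response is
    Host -> browser carrying the query parameters of its Location header (what the browser forwards next)."""
    model = []
    for entry in re.split(r"\n-{5,}\n", capture.strip()):
        req, resp = entry.split("\n\n", 1)
        req_line, req_h = _parse_block(req)
        _, resp_h = _parse_block(resp)
        host, path = req_h["host"], req_line.split()[1]
        model.append(("browser", host, dict(parse_qsl(urlsplit(path).query))))
        model.append((host, "browser", dict(parse_qsl(urlsplit(resp_h.get("location", "")).query))))
    return model

def parameter_flow(model):
    """Per parameter name: which servers issued it via a redirect and which servers then received it
    from the browser. An IdP-issued value (e.g. code) reaching a host other than the RP is what to surface."""
    flow = {}
    for sender, receiver, params in model:
        for name in params:
            side, party = ("issued_by", sender) if receiver == "browser" else ("received_by", receiver)
            flow.setdefault(name, {"issued_by": set(), "received_by": set()})[side].add(party)
    return flow
```

Run `communication_model(CAPTURE)` and `parameter_flow(...)` on your own capture to see, per message, which party receives each token and which party minted it; that table is the starting point for reasoning about the three attack scenarios in step 6.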

© 2012 Microsoft Corporation. All rights reserved.