Category:Attack Categorisation By Attacker Model: Difference between revisions

From Single Sign-On Attacks

Latest revision as of 16:31, 2 February 2016

This page lists three attacker models; each attacker type has different capabilities. None of the attacker models requires the attacker to control the network communication.

  • Message Generation [http://www.sso-attacks.org/Category:Attack_Categorisation_By_Attacker_Model:_Message_generation_attacks]

The attacker is able to generate valid XML messages in the format specified by the service provider. These messages can use any publicly available XML format (plain XML, SAML, XSLT, DTD, etc.) and can contain any publicly available data or data chosen arbitrarily by the attacker.

  • Access to Valid Token [http://www.sso-attacks.org/Category:Attack_Categorisation_By_Attacker_Model:_Access_to_Valid_Token]

The attacker has access to a valid token t = (I, N, D) (I = Identity, N = Freshness, D = Destination) of the victim, including the corresponding signature s = SIG_IdP(t). A special case of this attacker model occurs when the attacker himself is a valid user of the system: he can then use his credentials at his IdP to have it issue tokens for his own account on demand (but not for the victim's account).
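As an added illustration of the Access to Valid Token model (example code, not part of this wiki page or the sso-attacks.org material), the following Python models a service provider checking a token t = (I, N, D) together with its signature s = SIG_IdP(t). It shows why possession of a signed token is not sufficient on its own: the destination check rejects a token issued for another SP, the freshness check rejects a token presented a second time, and the identity I confines a valid user to his own account. HMAC stands in for the IdP signature, and the SP name, identities, nonces and key are constructed values.

```python
import hashlib
import hmac
from typing import Dict, NamedTuple, Set, Tuple

class Token(NamedTuple):
    I: str  # Identity of the subject the token speaks for
    N: str  # Freshness: a nonce the IdP never reuses
    D: str  # Destination: the service provider the token is meant for

def sig_idp(key: bytes, t: Token) -> bytes:
    # Stand-in for SIG_IdP(t): HMAC over a canonical encoding of (I, N, D).
    # A real IdP signs XML asymmetrically; HMAC keeps the example short.
    msg = "\x1f".join((t.I, t.N, t.D)).encode()
    return hmac.new(key, msg, hashlib.sha256).digest()

class ServiceProvider:
    def __init__(self, name: str, idp_key: bytes) -> None:
        self.name = name
        self.idp_key = idp_key
        self.seen_nonces: Set[str] = set()  # replay cache for N

    def accept(self, t: Token, s: bytes) -> Tuple[bool, str]:
        # 1. Signature first: anything the IdP did not sign is rejected outright.
        if not hmac.compare_digest(sig_idp(self.idp_key, t), s):
            return False, "bad signature"
        # 2. D binds the token to one SP; a token issued for another SP is not ours.
        if t.D != self.name:
            return False, "wrong destination"
        # 3. N makes each token single-use, so a captured token cannot be replayed.
        if t.N in self.seen_nonces:
            return False, "replayed token"
        self.seen_nonces.add(t.N)
        return True, "logged in as " + t.I

IDP_KEY = b"constructed-idp-key"  # constructed value shared by IdP and SP

def run_scenarios() -> Dict[str, Tuple[bool, str]]:
    # One SP sees the tokens each variant of the attacker model could present.
    sp = ServiceProvider("sp.example", IDP_KEY)
    victim = Token("victim@example", "n-001", "sp.example")
    s_victim = sig_idp(IDP_KEY, victim)
    elsewhere = Token("victim@example", "n-002", "other-sp.example")
    forged = Token("victim@example", "n-003", "sp.example")
    own = Token("attacker@example", "n-004", "sp.example")
    return {
        "victim_fresh": sp.accept(victim, s_victim),            # accepted once
        "victim_replayed": sp.accept(victim, s_victim),         # same token again
        "victim_other_sp": sp.accept(elsewhere, sig_idp(IDP_KEY, elsewhere)),
        "forged": sp.accept(forged, sig_idp(b"not-the-idp-key", forged)),
        "attacker_own": sp.accept(own, sig_idp(IDP_KEY, own)),  # only as himself
    }
```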

  • Web attacker [http://www.sso-attacks.org/Category:Attack_Categorisation_By_Attacker_Model:_Web_Attacker]

The attacker is able to influence the victim into clicking on an attacker-provided link. This includes both a technical method to deliver an attacker-generated link to the user (e.g., by e-mail or through user forums) and the technical and/or social means to convince the user to actually activate (i.e. click on) the link.