SlideShare uma empresa Scribd logo

Open ID Security Issues

Transferir como PPT, PDF
Ashish Jain
Ashish Jain

This document summarizes known security issues with the OpenID protocol specification and implementation, including issues related to the browser being a man-in-the-middle for messages, session swapping vulnerabilities, HTML discovery and phishing risks, and end-entity man-in-the-middle attacks between relying parties and identity providers. It provides examples of how protocol specifications and security profiles have helped to address some of these issues but notes that further work is still needed to fully mitigate risks.

Tecnologia
1 de 12
OpenID Security Issues Ashish Jain & Andrew Nash & Jeff Hodges, PayPal Information Risk Management OpenID Summit 2-Nov-2009
Overview ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Protocol Spec Security Issues ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Browser as Man-in-the-middle ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Session Swapping               (1) ,[object Object],[object Object],[object Object],[object Object],[object Object]
Session Swapping               (2) ,[object Object],[object Object],[object Object],[object Object]
Browser/HTTP/Web Issues ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
HTML discovery / Phishing ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
End-entity Man-in-the-middle (RP/OP spoof'g) ,[object Object],[object Object],[object Object],[object Object],[object Object]
Implementation & deployment practices ,[object Object],[object Object],[object Object],[object Object],[object Object],[object Object]
Various items not mentioned above ,[object Object],[object Object],[object Object]
End

Recomendados

AI Machine vs Human
AI Machine vs HumanAI Machine vs Human
AI Machine vs Human
antimo musone
 
Top 5 types of business loans in india
Top 5 types of business loans in indiaTop 5 types of business loans in india
Top 5 types of business loans in india
MyMoneyMantra
 
Attacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAttacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of Authentication
Amit Kumar
 
Password protection
Password protection Password protection
Password protection
JamaicaLeslieNoveno
 
25 Biggest Company and Product Failures
25 Biggest Company and Product Failures25 Biggest Company and Product Failures
25 Biggest Company and Product Failures
Jesse Daniel
 
Unusual Web Bugs
Unusual Web BugsUnusual Web Bugs
Unusual Web Bugs
amiable_indian
 
Web Bugs
Web BugsWeb Bugs
Web Bugs
Dr Rushi Raval
 
AppSec 2007 - .NET Web Services Hacking
AppSec 2007 - .NET Web Services HackingAppSec 2007 - .NET Web Services Hacking
AppSec 2007 - .NET Web Services Hacking
Shreeraj Shah
 

Recomendados

AI Machine vs Human
AI Machine vs HumanAI Machine vs Human
AI Machine vs Human
antimo musone
 
Top 5 types of business loans in india
Top 5 types of business loans in indiaTop 5 types of business loans in india
Top 5 types of business loans in india
MyMoneyMantra
 
Attacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of AuthenticationAttacking SSO (SAML) - Breaking into the front door of Authentication
Attacking SSO (SAML) - Breaking into the front door of Authentication
Amit Kumar
 
Password protection
Password protection Password protection
Password protection
JamaicaLeslieNoveno
 
25 Biggest Company and Product Failures
25 Biggest Company and Product Failures25 Biggest Company and Product Failures
25 Biggest Company and Product Failures
Jesse Daniel
 
Unusual Web Bugs
Unusual Web BugsUnusual Web Bugs
Unusual Web Bugs
amiable_indian
 
Web Bugs
Web BugsWeb Bugs
Web Bugs
Dr Rushi Raval
 
AppSec 2007 - .NET Web Services Hacking
AppSec 2007 - .NET Web Services HackingAppSec 2007 - .NET Web Services Hacking
AppSec 2007 - .NET Web Services Hacking
Shreeraj Shah
 
Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"
Jeremiah Grossman
 
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
Start Pad
 
Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001
Miguel Ibarra
 
Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"
Jeremiah Grossman
 
Web API Security
Web API SecurityWeb API Security
Web API Security
Stefaan
 
A Network Centric Design For Relationship Based Rights Management (Tin180 Com)
A Network Centric Design For Relationship Based Rights Management (Tin180 Com)A Network Centric Design For Relationship Based Rights Management (Tin180 Com)
A Network Centric Design For Relationship Based Rights Management (Tin180 Com)
Tin180 VietNam
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Abdul Wahid
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010
Shreeraj Shah
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )
Jay Nagar
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
Oliver Pfaff
 
Examining And Bypassing The IE8 XSS Filter
Examining And Bypassing The IE8 XSS FilterExamining And Bypassing The IE8 XSS Filter
Examining And Bypassing The IE8 XSS Filter
kuza55
 
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Amazon Web Services
 
Application Security
Application SecurityApplication Security
Application Security
nirola
 
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Amazon Web Services
 
Api Design and More (Friday Training at Itnig)
Api Design and More (Friday Training at Itnig)Api Design and More (Friday Training at Itnig)
Api Design and More (Friday Training at Itnig)
itnig
 
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
Felipe Prado
 
Top Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.NetTop Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.Net
alsmola
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
Rashid Khatmey
 
Jordi Romero Api for-the-mobile-era
Jordi Romero Api for-the-mobile-eraJordi Romero Api for-the-mobile-era
Jordi Romero Api for-the-mobile-era
.toster
 
Web-services
Web-services Web-services
Web-services
webhostingguy
 
CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
Ashish Jain
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
Ashish Jain
 

Mais conteúdo relacionado

Semelhante a Open ID Security Issues

Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"
Jeremiah Grossman
 
Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001
Miguel Ibarra
 
Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"
Jeremiah Grossman
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
Abdul Wahid
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
Oliver Pfaff
 
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Amazon Web Services
 
Application Security
Application SecurityApplication Security
Application Security
nirola
 
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Amazon Web Services
 
Jordi Romero Api for-the-mobile-era
Jordi Romero Api for-the-mobile-eraJordi Romero Api for-the-mobile-era
Jordi Romero Api for-the-mobile-era
.toster
 

Semelhante a Open ID Security Issues (20)

Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"Web Application Security and Release of "WhiteHat Arsenal"
Web Application Security and Release of "WhiteHat Arsenal"
 
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
StartPad Countdown 2 - Startup Security: Hacking and Compliance in a Web 2.0 ...
 
Defcon9 Presentation2001
Defcon9 Presentation2001Defcon9 Presentation2001
Defcon9 Presentation2001
 
Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"Web Application Security - "In theory and practice"
Web Application Security - "In theory and practice"
 
Web API Security
Web API SecurityWeb API Security
Web API Security
 
A Network Centric Design For Relationship Based Rights Management (Tin180 Com)
A Network Centric Design For Relationship Based Rights Management (Tin180 Com)A Network Centric Design For Relationship Based Rights Management (Tin180 Com)
A Network Centric Design For Relationship Based Rights Management (Tin180 Com)
 
Web Application Security
Web Application SecurityWeb Application Security
Web Application Security
 
Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010Web Attacks - Top threats - 2010
Web Attacks - Top threats - 2010
 
Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )Website hacking and prevention (All Tools,Topics & Technique )
Website hacking and prevention (All Tools,Topics & Technique )
 
Identity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric IdentityIdentity 2.0 and User-Centric Identity
Identity 2.0 and User-Centric Identity
 
Examining And Bypassing The IE8 XSS Filter
Examining And Bypassing The IE8 XSS FilterExamining And Bypassing The IE8 XSS Filter
Examining And Bypassing The IE8 XSS Filter
 
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
Gain visibility and real-time security alerts with VPC Flow Logs & AWS - DEM0...
 
Application Security
Application SecurityApplication Security
Application Security
 
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
Gain visibility & real-time actionable security alerts with VPC Flow Logs & A...
 
Api Design and More (Friday Training at Itnig)
Api Design and More (Friday Training at Itnig)Api Design and More (Friday Training at Itnig)
Api Design and More (Friday Training at Itnig)
 
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
DEF CON 27 - DANIEL ROMERO and MARIO RIVAS - why you should fear your mundane...
 
Top Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.NetTop Ten Tips For Tenacious Defense In Asp.Net
Top Ten Tips For Tenacious Defense In Asp.Net
 
2 . web app s canners
2 . web app s canners2 . web app s canners
2 . web app s canners
 
Jordi Romero Api for-the-mobile-era
Jordi Romero Api for-the-mobile-eraJordi Romero Api for-the-mobile-era
Jordi Romero Api for-the-mobile-era
 
Web-services
Web-services Web-services
Web-services
 

Mais de Ashish Jain

MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013
Ashish Jain
 
PayPal OpenID User Experience
PayPal OpenID User ExperiencePayPal OpenID User Experience
PayPal OpenID User Experience
Ashish Jain
 
UsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPalUsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPal
Ashish Jain
 
Kodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPalKodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPal
Ashish Jain
 
Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal
Ashish Jain
 
eBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPaleBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPal
Ashish Jain
 
Spec Update - OpenID Retail Summit at PayPal
Spec Update - OpenID Retail Summit at PayPalSpec Update - OpenID Retail Summit at PayPal
Spec Update - OpenID Retail Summit at PayPal
Ashish Jain
 

Mais de Ashish Jain (17)

CIS 2015 Mobile SSO
CIS 2015 Mobile SSOCIS 2015 Mobile SSO
CIS 2015 Mobile SSO
 
Mobile SSO using NAPPS
Mobile SSO using NAPPSMobile SSO using NAPPS
Mobile SSO using NAPPS
 
MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013MDM/MAM/MIM Workshop - CIS 2013
MDM/MAM/MIM Workshop - CIS 2013
 
Mobile Devices in the Enterprise: What IT needs to know
Mobile Devices in the Enterprise: What IT needs to knowMobile Devices in the Enterprise: What IT needs to know
Mobile Devices in the Enterprise: What IT needs to know
 
PayPal OpenID User Experience
PayPal OpenID User ExperiencePayPal OpenID User Experience
PayPal OpenID User Experience
 
UsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPalUsingMiles - OpenID Retail Summit at PayPal
UsingMiles - OpenID Retail Summit at PayPal
 
Kodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPalKodak - OpenID Retail Summit at PayPal
Kodak - OpenID Retail Summit at PayPal
 
Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal Angies List - OpenID Retail Summit at PayPal
Angies List - OpenID Retail Summit at PayPal
 
eBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPaleBay - OpenID Retail Summit at PayPal
eBay - OpenID Retail Summit at PayPal
 
Spec Update - OpenID Retail Summit at PayPal
Spec Update - OpenID Retail Summit at PayPalSpec Update - OpenID Retail Summit at PayPal
Spec Update - OpenID Retail Summit at PayPal
 
OpenID Retail Summit at PayPal - PayPal Identity
OpenID Retail Summit at PayPal - PayPal IdentityOpenID Retail Summit at PayPal - PayPal Identity
OpenID Retail Summit at PayPal - PayPal Identity
 
PayPal Identity Services - Innovate 2010
PayPal Identity Services - Innovate 2010PayPal Identity Services - Innovate 2010
PayPal Identity Services - Innovate 2010
 
Open Id Summit
Open Id SummitOpen Id Summit
Open Id Summit
 
Say no to Bottled water
Say no to Bottled waterSay no to Bottled water
Say no to Bottled water
 
Consumer Privacy
Consumer PrivacyConsumer Privacy
Consumer Privacy
 
Identity Enabling Web Services
Identity Enabling Web ServicesIdentity Enabling Web Services
Identity Enabling Web Services
 
Concordia
ConcordiaConcordia
Concordia
 

Último

TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
Principled Technologies
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
Igalia
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Safe Software
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Miguel Araújo
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
?#DUbAI#??##{{(☎️+971_581248768%)**%*]'#abortion pills for sale in dubai@
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc
 

Último (20)

Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024Partners Life - Insurer Innovation Award 2024
Partners Life - Insurer Innovation Award 2024
 
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data DiscoveryTrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
TrustArc Webinar - Unlock the Power of AI-Driven Data Discovery
 
Boost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivityBoost PC performance: How more available memory can improve productivity
Boost PC performance: How more available memory can improve productivity
 
A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?A Year of the Servo Reboot: Where Are We Now?
A Year of the Servo Reboot: Where Are We Now?
 
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FMECloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
Cloud Frontiers: A Deep Dive into Serverless Spatial Data and FME
 
HTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation StrategiesHTML Injection Attacks: Impact and Mitigation Strategies
HTML Injection Attacks: Impact and Mitigation Strategies
 
Scaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organizationScaling API-first – The story of a global engineering organization
Scaling API-first – The story of a global engineering organization
 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
 
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
Mastering MySQL Database Architecture: Deep Dive into MySQL Shell and MySQL R...
 
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemkeProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
ProductAnonymous-April2024-WinProductDiscovery-MelissaKlemke
 
A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)A Domino Admins Adventures (Engage 2024)
A Domino Admins Adventures (Engage 2024)
 
🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘🐬 The future of MySQL is Postgres 🐘
🐬 The future of MySQL is Postgres 🐘
 
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
+971581248768>> SAFE AND ORIGINAL ABORTION PILLS FOR SALE IN DUBAI AND ABUDHA...
 
Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...Apidays New York 2024 - The value of a flexible API Management solution for O...
Apidays New York 2024 - The value of a flexible API Management solution for O...
 
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
Apidays Singapore 2024 - Building Digital Trust in a Digital Economy by Veron...
 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
 
Real Time Object Detection Using Open CV
Real Time Object Detection Using Open CVReal Time Object Detection Using Open CV
Real Time Object Detection Using Open CV
 
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
Bajaj Allianz Life Insurance Company - Insurer Innovation Award 2024
 
AWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of TerraformAWS Community Day CPH - Three problems of Terraform
AWS Community Day CPH - Three problems of Terraform
 
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law DevelopmentsTrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
TrustArc Webinar - Stay Ahead of US State Data Privacy Law Developments
 

Open ID Security Issues

  • 1. OpenID Security Issues Ashish Jain & Andrew Nash & Jeff Hodges, PayPal Information Risk Management OpenID Summit 2-Nov-2009
  • 2.
  • 3.
  • 4.
  • 5.
  • 6.
  • 7.
  • 8.
  • 9.
  • 10.
  • 11.
  • 12. End