Go to DBLP homepageAndroid single sign-on security: Issues, taxonomy and directions
Abstract: Highlights•We present OAuth 2.0 authorization code grant flow and implicit grant flow in detail and summarize the differences between the Web environment and the Android environment that affect OAuth 2.0 security.•We summarize the security issues that often appear in the implementations of OAuth 2.0 on Android. We detail these security issues in the following aspects: vulnerabilities, attacks and attack results.•We summarize the research work that is related to these security issues and classify them by their purposes. To the best of our knowledge, this is the first survey that focuses on Android SSO security.•we discuss the directions for enhancing OAuth 2.0 security on Android and discuss some of the OAuth 2.0 based protocols in the IoT environment.
Loading