Visible to the public Authentication and Authorization

SoS Newsletter- Advanced Book Block

Authentication and Authorization

Authorization and authentication are cornerstones of computer security. As systems become larger, faster and more complex, authorization and authentication methods and protocols are proving to have limits and challenges. The research cited here explores new methods and techniques for improving security in cloud environments, efficient cryptographic computations, and exascale storage systems.

  • "Explicating SDKs: Uncovering Assumptions Underlying Secure Authentication and Authorization", Rui Wang, Yuchen Zhou , Shuo Chen, Shaz Qadeer, David Evans, and Yuri Gurevich, SEC'13: Proceedings of the 22nd USENIX conference on Security. August 2013. (ID#:14-1219) Available at:
  • "Authentication and Authorization for Native Mobile Applications using OAuth 2.0"Aas, Dag-Inge (Student thesis, Norwegian University of Science and Technology, Faculty of Information Technology, Mathematics and Electrical Engineering, Department of Computer and Information Science) (ID#:14-1229) Available at: Given the recent concerns about security and ease-of-use surrounding OAuth 2.0, the author reviews four approaches to mobile authorization using OAuth 2.0, and suggests a solution that, although improved, is still not completely secure.
  • "Visual authentication: a secure single step authentication for user authorization" Luis Roalter, Matthias Kranz, Andreas Moller, Stefan Diewald, Tobias Stockinger, Marion Koelle, Patrick Lindemann. Proceedings of the 12th International Conference on Mobile and Ubiquitous Multimedia December 2013. (ID#:14-1222) Available at: (fee required). The authors present a distributed authentication and authorization procedure that can increase security while at the same time providing fast authentication on public networks
  • "A Framework for Authentication and Authorization Credentials in Cloud Computing" Nelson Mimura Gonzalez, Marco Antonio Torrez Rojas, Marcos Vinicius Maciel da Silva, Fernando Redigolo, Tereza Cristina Melo de Brito Carvalho, Charles Christian Miers, Mats Naslund, Abu Shohel Ahmed. TRUSTCOM '13: Proceedings of the 2013 12th IEEE International Conference on Trust, Security and Privacy in Computing and Communications July 2013 (ID#:14-1223) Available at: (fee required)
  • "An enhanced mechanism with cryptographic computation cost reduction in AAA-mobile IP architecture" Pham Ngoc Thanh, Keecheon Kim. ICUIMC '13: Proceedings of the 7th International Conference on Ubiquitous Information Management and Communication January 2013 (ID#:14-1227) Available at: (fee required) This paper proposes a new authentication mechanism which lessens heavy cryptographic to facilitate key distribution.


Articles listed on these pages have been found on publicly available internet pages and are cited with links to those pages. Some of the information included herein has been reprinted with permission from the authors or data repositories. Direct any requests via Email to SoS.Project (at) for removal of the links or modifications to specific citations. Please include the ID# of the specific citation in your correspondence.