liu.seSearch for publications in DiVA
Change search
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf
A Longitudinal Characterization of the Third-Party Authentication Landscape
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
Linköping University, Department of Computer and Information Science, Database and information techniques. Linköping University, Faculty of Science & Engineering.
Show others and affiliations
2022 (English)In: 2022 IFIP Networking Conference (IFIP Networking), IEEE , 2022Conference paper, Published paper (Refereed)
Abstract [en]

Many websites offer users to authenticate using third-party identity providers (IDPs) such as Facebook or Google. As part of the signup process, these websites often ask the user to give them additional permissions with the IDP (e.g., some data sharing or authorize some actions) that can have significant privacy implications. Motivated by the increased scrutiny of Facebook and other popular IDPs (e.g., due to the 2018 Cambridge Analytica scandal), we present a longitudinal analysis of the IDP usage and permissions changes over the past nine years (2012–2021) as well as a large-scale characterization of the current state. Our longitudinal analysis identifies trends and characterizes changes in both the IDP usage and permission agreements of different subsets of websites. For our large-scale analysis, we develop and share a Selenium-based measurement framework that we use to collect datasets. Using this data, we study the IDP usage across popularity ranges, the permissions used in the wild, and highlight differences between websites using different IDPs and those that do not. Our analysis shows increased IDP usage, especially among the most popular websites, and that the permission requests on average are becoming more modest but also brings forward significant exceptions that may need further scrutiny.

Place, publisher, year, edition, pages
IEEE , 2022.
National Category
Computer Sciences
Identifiers
URN: urn:nbn:se:liu:diva-188888DOI: 10.23919/IFIPNetworking55013.2022.9829804ISI: 000855528800043ISBN: 9783903176485 (electronic)OAI: oai:DiVA.org:liu-188888DiVA, id: diva2:1700110
Conference
IFIP Networking Conference (IFIP Networking), Catania, ITALY, jun 13-16, 2022
Available from: 2022-09-29 Created: 2022-09-29 Last updated: 2022-11-10Bibliographically approved

Open Access in DiVA

No full text in DiVA

Other links

Publisher's full text

Authority records

Carlsson, Niklas

Search in DiVA

By author/editor
Jarpehult, OscarJosefsson Ågren, FredrikBäckström, MadeleineHallonqvist, LinnCarlsson, Niklas
By organisation
Database and information techniquesFaculty of Science & Engineering
Computer Sciences

Search outside of DiVA

GoogleGoogle Scholar

doi
isbn
urn-nbn

Altmetric score

doi
isbn
urn-nbn
Total: 40 hits
CiteExportLink to record
Permanent link

Direct link
Cite
Citation style
  • apa
  • ieee
  • modern-language-association-8th-edition
  • vancouver
  • oxford
  • Other style
More styles
Language
  • de-DE
  • en-GB
  • en-US
  • fi-FI
  • nn-NO
  • nn-NB
  • sv-SE
  • Other locale
More languages
Output format
  • html
  • text
  • asciidoc
  • rtf