Enhancing the Security for User Authentication in Open Authorization 2.0 by Using OpenSGX Tool

Manal Saeed Almalki, Tennessee State University


Recently, technology has spread more than before and become one of the basic necessities in our lives. With the expansion of technology, launching cyberattacks has emerged as a way to eavesdrop, impersonate, and penetrate systems to get sensitive information. In this paper, we aim to enhance the security for user authentication in Open Authorization 2.0 (OAuth 2.0) by using the Intel Software Guard Extensions (Intel SGX) tool, which helps protect user credentials from malicious attacks. The Intel SGX tool helps systems store and save codes and data inside protected containers called enclaves.There is an open source tool for Intel SGX called OpenSGX, which emulates an Intel SGX hardware component. OAuth 2.0 is a protocol that allows a user to get permission to access an app or website by using the information from another app or website. Such as Facebook, for authentication on another site. OAuth 2.0 has four types of grants. These types depend on how the application uses them to request the authorization. In this paper, we focus on authorization code grants. OAuth 2.0 is not secure enough. It faces many attacks, including cross-site request forgery attack (CSRFs). To improve OAuth 2.0 security, we combined the Intel SGX tool with OAuth 2.0 processes. This approach should ensure that no external program can modify any data or codes inside the enclaves. Moreover, the code runs inside the isolation execution environment that provides the Trusted Execution Environment (TEE).

Subject Area

Computer science

Recommended Citation

Manal Saeed Almalki, "Enhancing the Security for User Authentication in Open Authorization 2.0 by Using OpenSGX Tool" (2017). ETD Collection for Tennessee State University. Paper AAI10641359.