{"id":"https://openalex.org/W2943627200","doi":"https://doi.org/10.1145/3297280.3297438","title":"Requirements for preventing logic flaws in the authentication procedure of web applications","display_name":"Requirements for preventing logic flaws in the authentication procedure of web applications","publication_year":2019,"publication_date":"2019-04-08","ids":{"openalex":"https://openalex.org/W2943627200","doi":"https://doi.org/10.1145/3297280.3297438","mag":"2943627200"},"language":"en","primary_location":{"id":"doi:10.1145/3297280.3297438","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3297280.3297438","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing","raw_type":"proceedings-article"},"type":"article","indexed_in":["crossref"],"open_access":{"is_oa":false,"oa_status":"closed","oa_url":null,"any_repository_has_fulltext":false},"authorships":[{"author_position":"first","author":{"id":"https://openalex.org/A5048663643","display_name":"Youssou Ndiaye","orcid":null},"institutions":[{"id":"https://openalex.org/I19370010","display_name":"Orange (France)","ror":"https://ror.org/035j0tq82","country_code":"FR","type":"company","lineage":["https://openalex.org/I19370010"]},{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"government","lineage":["https://openalex.org/I1294671590"]},{"id":"https://openalex.org/I56067802","display_name":"Universit\u00e9 de Rennes","ror":"https://ror.org/015m7wh34","country_code":"FR","type":"education","lineage":["https://openalex.org/I56067802"]}],"countries":["FR"],"is_corresponding":true,"raw_author_name":"Youssou Ndiaye","raw_affiliation_strings":["Univ Rennes, Inria, CNRS, Rennes, France","Orange Labs R&D [Rennes]"],"affiliations":[{"raw_affiliation_string":"Univ Rennes, Inria, CNRS, Rennes, France","institution_ids":["https://openalex.org/I56067802","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"Orange Labs R&D [Rennes]","institution_ids":["https://openalex.org/I19370010"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5002785466","display_name":"Olivier Barais","orcid":"https://orcid.org/0000-0002-4551-8562"},"institutions":[{"id":"https://openalex.org/I56067802","display_name":"Universit\u00e9 de Rennes","ror":"https://ror.org/015m7wh34","country_code":"FR","type":"education","lineage":["https://openalex.org/I56067802"]},{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"government","lineage":["https://openalex.org/I1294671590"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Olivier Barais","raw_affiliation_strings":["Univ Rennes, Inria, CNRS, Rennes, France","Diversity-centric Software Engineering","Universit\u00e9 de Rennes"],"affiliations":[{"raw_affiliation_string":"Univ Rennes, Inria, CNRS, Rennes, France","institution_ids":["https://openalex.org/I56067802","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"Diversity-centric Software Engineering","institution_ids":[]},{"raw_affiliation_string":"Universit\u00e9 de Rennes","institution_ids":["https://openalex.org/I56067802"]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5031312202","display_name":"Arnaud Blouin","orcid":"https://orcid.org/0000-0002-5974-9601"},"institutions":[{"id":"https://openalex.org/I28221208","display_name":"Institut National des Sciences Appliqu\u00e9es de Rennes","ror":"https://ror.org/04xaa4j22","country_code":"FR","type":"education","lineage":["https://openalex.org/I28221208"]},{"id":"https://openalex.org/I1294671590","display_name":"Centre National de la Recherche Scientifique","ror":"https://ror.org/02feahw73","country_code":"FR","type":"government","lineage":["https://openalex.org/I1294671590"]},{"id":"https://openalex.org/I56067802","display_name":"Universit\u00e9 de Rennes","ror":"https://ror.org/015m7wh34","country_code":"FR","type":"education","lineage":["https://openalex.org/I56067802"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Arnaud Blouin","raw_affiliation_strings":["Univ Rennes, Inria, CNRS, Rennes, France","Institut National des Sciences Appliqu\u00e9es - Rennes","Diversity-centric Software Engineering"],"affiliations":[{"raw_affiliation_string":"Univ Rennes, Inria, CNRS, Rennes, France","institution_ids":["https://openalex.org/I56067802","https://openalex.org/I1294671590"]},{"raw_affiliation_string":"Institut National des Sciences Appliqu\u00e9es - Rennes","institution_ids":["https://openalex.org/I28221208"]},{"raw_affiliation_string":"Diversity-centric Software Engineering","institution_ids":[]}]},{"author_position":"middle","author":{"id":"https://openalex.org/A5021218805","display_name":"Ahmed Bouabdallah","orcid":null},"institutions":[{"id":"https://openalex.org/I4210149676","display_name":"Laboratoire du Futur","ror":"https://ror.org/04qq0qp34","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I15057530","https://openalex.org/I17170469","https://openalex.org/I4210105915","https://openalex.org/I4210128300","https://openalex.org/I4210149676","https://openalex.org/I4210160189"]},{"id":"https://openalex.org/I2802519937","display_name":"Institut de Recherche en Informatique et Syst\u00e8mes Al\u00e9atoires","ror":"https://ror.org/00myn0z94","country_code":"FR","type":"facility","lineage":["https://openalex.org/I1294671590","https://openalex.org/I1294671590","https://openalex.org/I1326498283","https://openalex.org/I205703379","https://openalex.org/I2802204017","https://openalex.org/I2802519937","https://openalex.org/I28221208","https://openalex.org/I4210127572","https://openalex.org/I4210159245","https://openalex.org/I56067802"]},{"id":"https://openalex.org/I4210127572","display_name":"IMT Atlantique","ror":"https://ror.org/030hj3061","country_code":"FR","type":"education","lineage":["https://openalex.org/I205703379","https://openalex.org/I4210127572"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Ahmed Bouabdallah","raw_affiliation_strings":["IMT Atlantique, IRISA, UBL, France","Objets communicants pour l'Internet du futur","IMT Atlantique"],"affiliations":[{"raw_affiliation_string":"IMT Atlantique, IRISA, UBL, France","institution_ids":["https://openalex.org/I4210127572","https://openalex.org/I2802519937"]},{"raw_affiliation_string":"Objets communicants pour l'Internet du futur","institution_ids":["https://openalex.org/I4210149676"]},{"raw_affiliation_string":"IMT Atlantique","institution_ids":["https://openalex.org/I4210127572"]}]},{"author_position":"last","author":{"id":"https://openalex.org/A5082366778","display_name":"Nicolas Aillery","orcid":"https://orcid.org/0000-0002-3222-3546"},"institutions":[{"id":"https://openalex.org/I19370010","display_name":"Orange (France)","ror":"https://ror.org/035j0tq82","country_code":"FR","type":"company","lineage":["https://openalex.org/I19370010"]}],"countries":["FR"],"is_corresponding":false,"raw_author_name":"Nicolas Aillery","raw_affiliation_strings":["Orange labs Rennes, Rennes, France","Orange Labs R&D [Rennes]"],"affiliations":[{"raw_affiliation_string":"Orange labs Rennes, Rennes, France","institution_ids":["https://openalex.org/I19370010"]},{"raw_affiliation_string":"Orange Labs R&D [Rennes]","institution_ids":["https://openalex.org/I19370010"]}]}],"institutions":[],"countries_distinct_count":1,"institutions_distinct_count":5,"corresponding_author_ids":["https://openalex.org/A5048663643"],"corresponding_institution_ids":["https://openalex.org/I1294671590","https://openalex.org/I19370010","https://openalex.org/I56067802"],"apc_list":null,"apc_paid":null,"fwci":0.3391,"has_fulltext":false,"cited_by_count":3,"citation_normalized_percentile":{"value":0.65578151,"is_in_top_1_percent":false,"is_in_top_10_percent":false},"cited_by_percentile_year":{"min":89,"max":95},"biblio":{"volume":null,"issue":null,"first_page":"1620","last_page":"1628"},"is_retracted":false,"is_paratext":false,"is_xpac":false,"primary_topic":{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},"topics":[{"id":"https://openalex.org/T12479","display_name":"Web Application Security Vulnerabilities","score":0.9998000264167786,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11241","display_name":"Advanced Malware Detection Techniques","score":0.9997000098228455,"subfield":{"id":"https://openalex.org/subfields/1711","display_name":"Signal Processing"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}},{"id":"https://openalex.org/T11800","display_name":"User Authentication and Security Systems","score":0.9990000128746033,"subfield":{"id":"https://openalex.org/subfields/1710","display_name":"Information Systems"},"field":{"id":"https://openalex.org/fields/17","display_name":"Computer Science"},"domain":{"id":"https://openalex.org/domains/3","display_name":"Physical Sciences"}}],"keywords":[{"id":"https://openalex.org/keywords/computer-science","display_name":"Computer science","score":0.7563875913619995},{"id":"https://openalex.org/keywords/computer-security","display_name":"Computer security","score":0.6756826639175415},{"id":"https://openalex.org/keywords/authorization","display_name":"Authorization","score":0.6551209688186646},{"id":"https://openalex.org/keywords/focus","display_name":"Focus (optics)","score":0.6230185627937317},{"id":"https://openalex.org/keywords/web-application-security","display_name":"Web application security","score":0.5864914059638977},{"id":"https://openalex.org/keywords/authentication","display_name":"Authentication (law)","score":0.5679714679718018},{"id":"https://openalex.org/keywords/web-application","display_name":"Web application","score":0.5227208733558655},{"id":"https://openalex.org/keywords/world-wide-web","display_name":"World Wide Web","score":0.32605093717575073},{"id":"https://openalex.org/keywords/the-internet","display_name":"The Internet","score":0.25912928581237793},{"id":"https://openalex.org/keywords/web-development","display_name":"Web development","score":0.22607487440109253}],"concepts":[{"id":"https://openalex.org/C41008148","wikidata":"https://www.wikidata.org/wiki/Q21198","display_name":"Computer science","level":0,"score":0.7563875913619995},{"id":"https://openalex.org/C38652104","wikidata":"https://www.wikidata.org/wiki/Q3510521","display_name":"Computer security","level":1,"score":0.6756826639175415},{"id":"https://openalex.org/C108759981","wikidata":"https://www.wikidata.org/wiki/Q788590","display_name":"Authorization","level":2,"score":0.6551209688186646},{"id":"https://openalex.org/C192209626","wikidata":"https://www.wikidata.org/wiki/Q190909","display_name":"Focus (optics)","level":2,"score":0.6230185627937317},{"id":"https://openalex.org/C59241245","wikidata":"https://www.wikidata.org/wiki/Q4781497","display_name":"Web application security","level":4,"score":0.5864914059638977},{"id":"https://openalex.org/C148417208","wikidata":"https://www.wikidata.org/wiki/Q4825882","display_name":"Authentication (law)","level":2,"score":0.5679714679718018},{"id":"https://openalex.org/C118643609","wikidata":"https://www.wikidata.org/wiki/Q189210","display_name":"Web application","level":2,"score":0.5227208733558655},{"id":"https://openalex.org/C136764020","wikidata":"https://www.wikidata.org/wiki/Q466","display_name":"World Wide Web","level":1,"score":0.32605093717575073},{"id":"https://openalex.org/C110875604","wikidata":"https://www.wikidata.org/wiki/Q75","display_name":"The Internet","level":2,"score":0.25912928581237793},{"id":"https://openalex.org/C79373723","wikidata":"https://www.wikidata.org/wiki/Q386275","display_name":"Web development","level":3,"score":0.22607487440109253},{"id":"https://openalex.org/C120665830","wikidata":"https://www.wikidata.org/wiki/Q14620","display_name":"Optics","level":1,"score":0.0},{"id":"https://openalex.org/C121332964","wikidata":"https://www.wikidata.org/wiki/Q413","display_name":"Physics","level":0,"score":0.0}],"mesh":[],"locations_count":2,"locations":[{"id":"doi:10.1145/3297280.3297438","is_oa":false,"landing_page_url":"https://doi.org/10.1145/3297280.3297438","pdf_url":null,"source":null,"license":null,"license_id":null,"version":"publishedVersion","is_accepted":true,"is_published":true,"raw_source_name":"Proceedings of the 34th ACM/SIGAPP Symposium on Applied Computing","raw_type":"proceedings-article"},{"id":"pmh:oai:HAL:hal-02087663v1","is_oa":false,"landing_page_url":"https://inria.hal.science/hal-02087663","pdf_url":null,"source":{"id":"https://openalex.org/S4406922461","display_name":"SPIRE - Sciences Po Institutional REpository","issn_l":null,"issn":null,"is_oa":false,"is_in_doaj":false,"is_core":false,"host_organization":null,"host_organization_name":null,"host_organization_lineage":[],"host_organization_lineage_names":[],"type":"repository"},"license":null,"license_id":null,"version":"submittedVersion","is_accepted":false,"is_published":false,"raw_source_name":"SAC 2019 - 34th ACM/SIGAPP Symposium On Applied Computing, Apr 2019, Limassol, Cyprus. pp.1-9, ⟨10.1145/3297280.3297438⟩","raw_type":"Conference papers"}],"best_oa_location":null,"sustainable_development_goals":[{"score":0.7900000214576721,"id":"https://metadata.un.org/sdg/16","display_name":"Peace, Justice and strong institutions"}],"awards":[],"funders":[],"has_content":{"pdf":false,"grobid_xml":false},"content_urls":null,"referenced_works_count":21,"referenced_works":["https://openalex.org/W1582830784","https://openalex.org/W1663388364","https://openalex.org/W2015824828","https://openalex.org/W2015952296","https://openalex.org/W2035830114","https://openalex.org/W2037202491","https://openalex.org/W2054702684","https://openalex.org/W2079452443","https://openalex.org/W2112748741","https://openalex.org/W2112968394","https://openalex.org/W2126339902","https://openalex.org/W2127456326","https://openalex.org/W2132303913","https://openalex.org/W2135301854","https://openalex.org/W2136757793","https://openalex.org/W2144378488","https://openalex.org/W2156221105","https://openalex.org/W2157151973","https://openalex.org/W2542617311","https://openalex.org/W3014623191","https://openalex.org/W3161918289"],"related_works":["https://openalex.org/W4249792249","https://openalex.org/W2003115932","https://openalex.org/W4405140583","https://openalex.org/W4385706035","https://openalex.org/W4249263872","https://openalex.org/W3011886893","https://openalex.org/W2381625382","https://openalex.org/W4238821156","https://openalex.org/W4256450364","https://openalex.org/W2276761883"],"abstract_inverted_index":{"Ensuring":[0],"the":[1,6],"security":[2,22],"is":[3],"one":[4],"of":[5,56,68],"most":[7],"daunting":[8],"challenges":[9],"that":[10,24,37,58],"web":[11,25,60],"applications":[12,26,61],"are":[13,19,62],"facing":[14],"nowadays.":[15],"Authentication":[16],"and":[17,41],"authorization":[18],"two":[20],"main":[21],"fields":[23],"must":[27],"consider":[28],"to":[29],"be":[30],"protected":[31],"against":[32],"unauthorized":[33],"accesses.":[34],"Various":[35],"approaches":[36,46],"detect":[38],"well-known":[39],"vulnerabilities":[40],"flaws":[42,57],"exist.":[43],"However,":[44],"these":[45],"mainly":[47],"focus":[48],"on":[49],"detecting":[50],"input":[51],"validation":[52],"flaws.":[53],"Another":[54],"kind":[55],"affect":[59],"logic":[63],"flaws,":[64],"but":[65],"they":[66],"lack":[67],"considerations.":[69]},"counts_by_year":[{"year":2025,"cited_by_count":1},{"year":2023,"cited_by_count":1},{"year":2022,"cited_by_count":1}],"updated_date":"2025-11-06T03:46:38.306776","created_date":"2025-10-10T00:00:00"}