Matthijs Melissen has been working as a security specialist at Computest for 6 years. Prior to that, he worked as a PHP developer and as an academic researcher in IT security. He received a PhD from the University of Luxembourg for his research on fair exchange protocols.
This talk gives an introduction to how single sign-on protocols (such as SAML, OAuth 2, and OpenID Connect) work. Subsequently, I will talk about the most commonly found vulnerabilities in these protocols. Finally, I will show various ways to resolve these vulnerabilities.