Explicating SDKs:
Uncovering Assumptions Underlying
Secure Authentication and Authorization
Rui Wang*, Yuchen Zhou*, Shuo Chen, Shaz Qadeer, David
Evans, and Yuri Gurevich
22nd USENIX
Security Symposium
Washington, DC
14-16 August 2013
Abstract
Most modern applications are empowered by online services, so application developers frequently implement authentication and authorization. Major online providers, such as Facebook and Microsoft, provide SDKs for incorporating authentication services. This paper considers whether those SDKs enable typical developers to build secure apps. Our work focuses on systematically explicating implicit assumptions that are necessary for secure use of an SDK. Understanding these assumptions depends critically on not just the SDK itself, but on the underlying runtime systems. We present a systematic process for identifying critical implicit assumptions by building semantic models that capture both the logic of the SDK and the essential aspects of underlying systems. These semantic models provide the explicit basis for reasoning about the security of an SDK. We use a formal analysis tool, along with the semantic models, to reason about all applications that can be built using the SDK. In particular, we formally check whether the SDK, along with the explicitly captured assumptions, is sufficient to imply the desired security properties.
Paper
Full paper (16 pages): [PDF]Models: https://github.com/sdk-security/Explicated-SDKs
