Android single sign-on security: Issues, taxonomy and directions

In this work, we first describe the OAuth 2.0 authorization code grant flow and the implicit grant flow in detail and summarize the differences between the Web environment and the Android environment that affect OAuth 2.0 security. Then, we summarize the security issues in the implementations of OAuth 2.0 on Android. These security issues include: storing client_secret or access token locally, using embedded WebView as user-agent, incorrect usage of authentication proof, handling redirection in mobile app improperly, lacking transmission protection and third-party app authentication. Attacks on these vulnerabilities, such as WebView hijacking, linking hijacking and phishing, as well as attack results are elaborated subsequently. Against these security issues and attacks, we summarize the related research work in terms of vulnerability analysis, defense, and protocol analysis. At last, we discuss the directions for mitigating these security issues and discuss some OAuth-based protocols for the IoT environment.