Security analysis of Facebook Connect

Supervisor(s)Dr. Markus Riek


Facebook Connect is a set of authentication APIs to enable Facebook users to log on to third-party websites and applications with their Facebook identity. This thesis should introduce the authentication protocol used by Facebook Connect and provide a security analysis based on existing case studies.


  • Miculan, M. and Urban, C. Formal analysis of Facebook Connect Single Sign-On authentication protocol. In SofSem 2011, Proceedings of Student Research Forum. OKAT, 2011, pp. 99–116.
  • Wang, R., Chen, S., and Wang, X.F. Signing Me onto Your Accounts through Facebook and Google: a Traffic-Guided Security Study of Commercially Deployed Single-Sign-On Web Services. In Proceedings of the IEEE Symposium on Security and Privacy (Oakland). IEEE Computer Society, 2012.