Sundar, Nataraj
2011-08-31
http://hdl.handle.net/2097/12124

Facebook is a social networking service launched in February of 2004, currently having 600 million active users. Users can create a personal profile, add other friends, and exchange messages and notifications when they change their profile. Facebook has the highest usage among all social networks worldwide. Its most valuable asset is access to the personal data of all its users, making the security of such data a primary concern. Users' data can be accessed by Facebook and third parties using Applications (Applications are web applications that are loaded in the context of Facebook. Building an application on Facebook allows integration with many aspects such as the user's profile information, news feed, notifications, etc.). "On profile" advertisement in Facebook is a classic example of how Facebook tailors the advertisements a user can see, based on the information in his profile. Because user friendliness and ease of use of the Applications have been prioritized over the security of the user's data, serious questions about privacy are raised. We provide here an in-depth view of Facebook's Application Authentication and Authorization architecture. We have included what, in our opinion, are the positives and negatives, and suggested improvements. This document takes on the role of the User, the Application and the Facebook server at appropriate points.

en-US
© the author. This Item is protected by copyright and/or related rights. You are free to use this Item in any way that is permitted by the copyright and related rights legislation that applies to your use. For other uses you need to obtain permission from the rights-holder(s).
http://rightsstatements.org/vocab/InC/1.0/
Open authentication
Facebook
Study of Facebook’s application architecture
Thesis
Computer Science (0984)