Making OpenID Mobile and Privacy-Friendly

Authors: Faysal Boukayoua, Karel Dewitte, Vincent Naessens

DOI: 10.1007/978-3-319-05440-7_3

Keywords: Computer network, Authentication, Identity provider, Secure channel, Computer science, Mobile device, Transport Layer Security, Interoperability, Identity management, OpenID, Computer security

Abstract: OpenID is a widely used single sign-on standard that allows users to access different services using the same authentication. However, its usage poses a number of issues regarding privacy and security. This paper evaluates introduces three mobile strategies, two of which are validated with a prototype implementation. Significant trust improvements are attained through the use of an identity management architecture that leverages the properties of a tamperproof module. Furthermore, our approach makes more suitable for omnipresent mobile use. We remain interoperable with no modifications platform required.

References (19)
Andreas Leicher, Andreas U. Schmidt, Yogendra Shah. Smart OpenID: A Smart Card Based OpenID Protocol. information security conference, pp. 75-86 (2012), 10.1007/978-3-642-30436-1_7
Faysal Boukayoua, Jan Vossaert, Bart De Decker, Vincent Naessens. Claim-Based versus Network-Based Identity Management: A Hybrid Approach. Security and Privacy in Mobile Information and Communication Systems, pp. 38-50 (2012), 10.1007/978-3-642-33392-7_4
Bart van Delft, Martijn Oostdijk. A Security Analysis of OpenID. Policies and Research in Identity Management, pp. 73-84 (2010), 10.1007/978-3-642-17303-5_6
Sebastian Feld, Norbert Pohlmann. Security Analysis of OpenID, followed by a Reference Implementation of an nPA-based OpenID Provider. ISSE 2010 Securing Electronic Business Processes, pp. 13-25 (2011), 10.1007/978-3-8348-9788-6_2
Faysal Boukayoua, Jan Vossaert, Bart De Decker, Vincent Naessens. Using a Smartphone to Access Personalized Web Services on a Workstation. IFIP PrimeLife International Summer School on Privacy and Identity Management for Life, pp. 144-156 (2011), 10.1007/978-3-642-31668-5_11
Steven Carmody, R L. Morgan, Walter Hoehn, Ken Klingenstein, Scott Cantor. Federated Security: The Shibboleth Approach. Educause Quarterly, vol. 27, pp. 12-17 (2004)
Privacy and Identity Management for Life. Springer Berlin/Heidelberg, pp. 365- (2011), 10.1007/978-3-642-20317-6
David W. Chadwick. Federated Identity Management. Foundations of Security Analysis and Design V, pp. 96-120 (2009), 10.1007/978-3-642-03829-7_3
Ben Dodson, Debangsu Sengupta, Dan Boneh, Monica S. Lam. Secure, Consumer-Friendly Web Authentication and Payments with a Phone. mobile computing, applications, and services, pp. 17-38 (2010), 10.1007/978-3-642-29336-8_2