Search CORE

36 research outputs found

Managing Identity Management Systems

Author: Al-Sinani Haitham
Publication venue
Publication date: 01/01/2012
Field of study

Although many identity management systems have been proposed, in- tended to improve the security and usability of user authentication, major adoption problems remain. In this thesis we propose a range of novel schemes to address issues acting as barriers to adoption, namely the lack of interoper- ation between systems, simple adoption strategies, and user security within such systems. To enable interoperation, a client-based model is proposed supporting in- terworking between identity management systems. Information Card systems (e.g. CardSpace) are enhanced to enable a user to obtain a security token from an identity provider not supporting Information Cards; such a token, after en- capsulation at the client, can be processed by an Information Card-enabled relying party. The approach involves supporting interoperation at the client, while maximising transparency to identity providers, relying parties and iden- tity selectors. Four specific schemes conforming to the model are described, each of which has been prototyped. These schemes enable interoperation be- tween an Information Card-enabled relying party and an identity provider supporting one of Liberty, Shibboleth, OpenID, or OAuth. To facilitate adoption, novel schemes are proposed that enable Informa- tion Card systems to support password management and single sign on. The schemes do not require any changes to websites, and provide a simple, intu- itive user experience through use of the identity selector interface. They fa- miliarise users with Information Card systems, thereby potentially facilitating their future adoption. To improve user security, an enhancement to Information Card system user authentication is proposed. During user authentication, a one-time pass- word is sent to the user's mobile device which is then entered into the com- puter by the user. Finally, a universal identity management tool is proposed, designed to support a wide range of systems using a single user interface. It provides a consistent user experience, addresses a range of security issues (e.g. phishing), and provides greater user control during authentication.EThOS - Electronic Theses Online ServiceGBUnited Kingdo

Summary

Author: Bart Priem
Martin Meints (icpp
Rani Husseiki (sirrix
Ronald Leenes (tilt
Ronald Leenes (tilt
Seyit Ahmet Camtepe (tub
Stefanie Poetzsch (tud
Unabhängiges Landeszentrum Für Datenschutz Germany
Publication venue
Publication date
Field of study

20090506_fidis_D3.12 final 1.0.od

CiteSeerX

PRIME Framework V3.

Author: Andersson C.
Casassa-Mont M.
Fairchild A.M.
Fischer-Hubner S.
Fritsch L.
Hansen M.
Hedbom H.
Hogben G.
Keller P.
Kohlweiss M.
Kosta E.
Kramer G.
Kuczerawy A.
Leenes R.E.
Oomen I.C.
Pettersson J.S.
Priem B.P.
Ribbers P.M.A.
Sommer D.
Tseng J.
Zibuschka J.
Publication venue
Publication date
Field of study

PRIME Framework V3

Author: Andersson C.
Casassa-Mont M.
Fairchild A.M.
Fischer-Hubner S.
Fritsch L.
Hansen M.
Hedbom H.
Hogben G.
Keller P.
Kohlweiss M.
Kosta E.
Kramer G.
Kuczerawy A.
Leenes R.E.
Oomen I.C.
Pettersson J.S.
Priem B.P.
Ribbers P.M.A.
Sommer D.
Tseng J.
Zibuschka J.
Publication venue: PRIME consortium
Publication date: 01/01/2008
Field of study

Tilburg University Repository

Privacy in identity and access management systems

Author: Mitchell Chris J
Pashalidis Andreas
Publication venue: 'IGI Global'
Publication date: 01/01/2012
Field of study

Royal Holloway Research Online

Integrating OAuth with Information Card Systems

Author: Al-Sinani Haitham S.
Publication venue: 'Institute of Electrical and Electronics Engineers (IEEE)'
Publication date: 01/01/2011
Field of study

We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided

Royal Holloway Research Online

Tutorial: Identity Management Systems and Secured Access Control

Author: Berger Ron
Hovav Anat
Publication venue: AIS Electronic Library (AISeL)
Publication date: 01/12/2009
Field of study

Identity Management has been a serious problem since the establishment of the Internet. Yet little progress has been made toward an acceptable solution. Early Identity Management Systems (IdMS) were designed to control access to resources and match capabilities with people in well-defined situations, Today’s computing environment involves a variety of user and machine centric forms of digital identities and fuzzy organizational boundaries. With the advent of inter-organizational systems, social networks, e-commerce, m-commerce, service oriented computing, and automated agents, the characteristics of IdMS face a large number of technical and social challenges. The first part of the tutorial describes the history and conceptualization of IdMS, current trends and proposed paradigms, identity lifecycle, implementation challenges and social issues. The second part addresses standards, industry initia-tives, and vendor solutions. We conclude that there is disconnect between the need for a universal, seamless, trans-parent IdMS and current proposed standards and vendor solutions

AIS Electronic Library (AISeL)