Abstract
User-centric identity management has recently received significant attention for handling private and critical identity attributes. The notable idea of user-centric identity management allows users to control their own digital identities. Current user-centric identity management approaches are mainly focused on interoperable architectures between existing identity management systems. Normally, users can access the Internet from various places such as home, office, school or a public Internet café. We observe that the importance of portability of a user's digital identity should be addressed in user-centric identity management practices. In other words, users should be able to export their digital identities and transfer them to various computers in a secure manner. In this paper, we focus on the portability issue of the Identity Metasystem and describe three possible types of portability-enhanced Identity Metasystem models, including our implementation experience.
Copyright information
© 2008 IFIP International Federation for Information Processing
About this paper
Cite this paper
Ahn, GJ., Ko, M.N., Shehab, M. (2008). Portable User-Centric Identity Management. In: Jajodia, S., Samarati, P., Cimato, S. (eds) Proceedings of The IFIP TC 11 23rd International Information Security Conference. SEC 2008. IFIP – The International Federation for Information Processing, vol 278. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-09699-5_37
DOI: https://doi.org/10.1007/978-0-387-09699-5_37
Publisher Name: Springer, Boston, MA
Print ISBN: 978-0-387-09698-8
Online ISBN: 978-0-387-09699-5
eBook Packages: Computer Science, Computer Science (R0)