Abstract
A wide variety of identity management systems have been introduced to improve the security and usability of user authentication; however, password-based authentication remains the dominant technology despite its well-known shortcomings. In this paper we describe a client-based identity management tool we call IDSpace, designed to address this problem by providing a single user interface and user experience for user authentication, whilst supporting a range of existing identity management technologies. The goal is to simplify the use of the wide range of existing technologies, helping to encourage their use, whilst imposing no additional burden on existing service providers and identity providers. Operation of IDSpace with certain existing systems is described.
Copyright information
© 2012 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Al-Sinani, H.S., Mitchell, C.J. (2012). A Universal Client-Based Identity Management Tool. In: Petkova-Nikova, S., Pashalidis, A., Pernul, G. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2011. Lecture Notes in Computer Science, vol 7163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29804-2_4
DOI: https://doi.org/10.1007/978-3-642-29804-2_4
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-29803-5
Online ISBN: 978-3-642-29804-2
eBook Packages: Computer Science (R0)