Skip to main content
SpringerLink
Log in

Enhancing OpenID through a Reputation Framework

  • Conference paper
Autonomic and Trusted Computing (ATC 2011)

Part of the book series: Lecture Notes in Computer Science ((LNPSE,volume 6906))

Included in the following conference series:

  • 1203 Accesses

Abstract

OpenID is an open standard providing a decentralised authentication mechanism to end users. It is based on a unique URL (Uniform Resource Locator) or XRI (Extensible Resource Identifier) as identifier of the user. This fact of using a single identifier confers this approach an interesting added-value when users want to get access to different services in the Internet, since users do not need to create a new account on every website they are visiting. However, OpenID providers are usually also being used as a point to store certain personal attributes of the end users, which might be of interest for any service provider willing to make profit from collecting that personal information. The definition of a reputation management solution integrated as part of the OpenID protocol can help users to determine whether certain service provider is more or less reliable before interacting with it and transferring their private information. This paper is providing the definition of a reputation framework that can be applied to the OpenID SSO (Single Sign-On) standard solution. It also defines how the protocol itself can be enhanced so OpenID providers can collect (and provide) recommendations from (to) users regarding different service providers and thus enhancing the users’ experience when using OpenID.

This is a preview of subscription content, log in via an institution to check access.

Access this chapter

Log in via an institution
Chapter
USD 29.95
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
eBook
USD 39.99
Price excludes VAT (USA)
  • Available as PDF
  • Read on any device
  • Instant download
  • Own it forever
Softcover Book
USD 54.99
Price excludes VAT (USA)
  • Compact, lightweight edition
  • Dispatched in 3 to 5 business days
  • Free shipping worldwide - see info

Tax calculation will be finalised at checkout

Purchases are for personal use only

Institutional subscriptions

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. Recordon, D., Reed, D.: OpenID 2.0: a platform for user-centric identity management. In: Proceedings of the Second ACM Workshop on Digital Identity Management, DIM 2006, pp. 11–16 (2006)

    Google Scholar 

  2. Sakimura, N.: Coping with information asymmetry. In: Identity Management Conference, SESSION G: Managing Risk & Reducing Online Fraud Using New Security Technologies, pp. 1–14. OASIS, Washington, US (2010)

    Google Scholar 

  3. Mármol, F.G., Pérez, G.M.: Security Threats Scenarios in Trust and Reputation Models for Distributed Systems. Elsevier Computers & Security 28(7), 545–556 (2009)

    Article  Google Scholar 

  4. OASIS. Open reputation management systems (ORMS) (2008), http://www.oasis-open.org/committees/orms

  5. Mármol, F.G., Pérez, G.M.: Towards Pre-Standardization of Trust and Reputation Models for Distributed and Heterogeneous Systems. Computer Standards & Interfaces 32(4), 185–196 (2010)

    Article  Google Scholar 

  6. Piotrowski, T.: E-receipt verification system and method. US Patent, US 0120607 A1 (June 2003), http://www.freepatentsonline.com/20030120607.pdf

  7. Mármol, F.G., Pérez, G.M.: Providing Trust in Wireless Sensor Networks using a Bio-Inspired Technique. Telecommunication Systems Journal 46(2), 163–180 (2011)

    Article  Google Scholar 

  8. Mármol, F.G., Marín-Blázquez, J.G., Pérez, G.M.: Linguistic Fuzzy Logic Enhancement of a Trust Mechanism for Distributed Networks. In: Proceedings of the Third IEEE International Symposium on Trust, Security and Privacy for Emerging Applications (TSP 2010), Bradford, UK, pp. 838–845 (2010)

    Google Scholar 

  9. Omar, M., Challal, Y., Bouabdallah, A.: Reliable and fully distributed trust model for mobile ad hoc networks. Computers and Security 28(3-4), 199–214 (2009)

    Article  Google Scholar 

  10. Mármol, F.G., Pérez, G.M., Skarmeta, A.F.G.: TACS, a Trust Model for P2P Networks. Wireless Personal Communications, Special Issue on Information Security and data protection in Future Generation Communication and Networking 51(1), 153–164 (2009)

    Google Scholar 

  11. Wang, Y., Tao, Y., Yu, P., Xu, F., Lü, J.: A Trust Evolution Model for P2P Networks. In: Xiao, B., Yang, L.T., Ma, J., Muller-Schloer, C., Hua, Y. (eds.) ATC 2007. LNCS, vol. 4610, pp. 216–225. Springer, Heidelberg (2007)

    Chapter  Google Scholar 

  12. Huang, C., Hu, H., Wang, Z.: A Dynamic Trust Model Based on Feedback Control Mechanism for P2P Applications. In: Yang, L.T., Jin, H., Ma, J., Ungerer, T. (eds.) ATC 2006. LNCS, vol. 4158, pp. 312–321. Springer, Heidelberg (2006)

    Chapter  Google Scholar 

  13. Marti, S., García-Molina, H.: Identity crisis: anonymity vs reputation in P2P systems. In: Proceedings for the Third International Conference on Peer-to-Peer Computing (P2P 2003) Linköping, Sweden, pp. 134–141 (September 2003)

    Google Scholar 

  14. Bansal, S.K., Bansal, A., Blake, M.: Trust-based dynamic web service composition using social network analysis. In: IEEE International Workshop on Business Applications for Social Network Analysis (BASNA 2010) (December 2010)

    Google Scholar 

  15. Hang, C.-W., Singh, M.P.: Selecting trustworthy service in service-oriented environments. In: The 12th AAMAS Workshop on Trust in Agent Societies (May 2009)

    Google Scholar 

  16. Malik, Z., Bouguettaya, A.: Reputation bootstrapping for trust establishment among web services. IEEE Internet Computing 13, 40–47 (2009)

    Article  Google Scholar 

  17. Paradesi, S., Doshi, P., Swaika, S.: Integrating behavioral trust in web service compositions. In: Proceedings of the 2009 IEEE International Conference on Web Services, ICWS 2009, pp. 453–460 (2009)

    Google Scholar 

  18. Mármol, F.G., Girao, J., Pérez, G.M.: TRIMS, a Privacy-aware Trust and Reputation Model for Identity Management Systems. Elsevier Computer Networks Journal 54(16), 2899–2912 (2010)

    Article  Google Scholar 

  19. Mohan, A., Blough, D.M.: AttributeTrust - a framework for evaluating trust in aggregated attributes via a reputation system. In: Proceedings of the 2008 Sixth Annual Conference on Privacy, Security and Trust, pp. 201–212 (2008)

    Google Scholar 

  20. Windley, P.J., Daley, D., Cutler, B., Tew, K.: Using reputation to augment explicit authorization. In: Proceedings of the 2007 ACM workshop on Digital identity management, DIM 2007, pp. 72–81 (2007)

    Google Scholar 

  21. Lin, K.-J., Lu, H., Yu, T., Tai, C.-e.: A reputation and trust management broker framework for web applications. In: nternational Conference on e-Technology, e-Commerce, and e-Services, pp. 262–269. IEEE Computer Society, Los Alamitos (2005)

    Google Scholar 

Download references

Author information

Authors and Affiliations

  1. NEC Laboratories Europe, Kurfürsten-Anlage 36, 69115, Heidelberg, Germany

    Félix Gómez Mármol & Marcus Quintino Kuhnen

  2. Departamento de Ingeniería de la Información y las Comunicaciones, University of Murcia, 30100, Murcia, Spain

    Gregorio Martínez Pérez

Authors
  1. Félix Gómez Mármol
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Marcus Quintino Kuhnen
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Gregorio Martínez Pérez
    View author publications

    You can also search for this author in PubMed Google Scholar

Editor information

Editors and Affiliations

  1. Cloud and Security Laboratory, Hewlett-Packard Laboratories, BS34 8QZ, Stroke Gifford, United Kingdom

    Jose M. Alcaraz Calero

  2. Department of Computer Science, St. Francis Xavier University, B2G 2W5, Antigonish, NS, Canada

    Laurence T. Yang

  3. Security Laboratory, NEC Laboratories Europe, Kurfürsten-Anlage 36, 69115, Heidelberg, Germany

    Félix Gómez Mármol

  4. Departamento de Ingeniería del Software e Inteligencia, Universidad Complutense de Madrid (UCM), C/Profesor José García Santesmases s/n, 28040, Madrid, Spain

    Luis Javier García Villalba

  5. Department of Electrical and Computer Engineering, University of Florida, 216 Larsen Hll, 32611-6200, Gainesville, FL, USA

    Andy Xiaolin Li

  6. Department of Computing, Macquarie University, E6A339, 2109, Sydney, NSW, Australia

    Yan Wang

Rights and permissions

Reprints and permissions

Copyright information

© 2011 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Mármol, F.G., Kuhnen, M.Q., Pérez, G.M. (2011). Enhancing OpenID through a Reputation Framework. In: Calero, J.M.A., Yang, L.T., Mármol, F.G., García Villalba, L.J., Li, A.X., Wang, Y. (eds) Autonomic and Trusted Computing. ATC 2011. Lecture Notes in Computer Science, vol 6906. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-23496-5_1

Download citation

  • DOI: https://doi.org/10.1007/978-3-642-23496-5_1

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-23495-8

  • Online ISBN: 978-3-642-23496-5

  • eBook Packages: Computer ScienceComputer Science (R0)

Publish with us

Policies and ethics

Search

Navigation