A Universal Client-Based Identity Management Tool

  • Conference paper

Part of the book series: Lecture Notes in Computer Science (LNSC, volume 7163)

Abstract

A wide variety of identity management systems have been introduced to improve the security and usability of user authentication; however, password-based authentication remains the dominant technology despite its well-known shortcomings. In this paper we describe a client-based identity management tool we call IDSpace, designed to address this problem by providing a single user interface and user experience for user authentication, whilst supporting a range of existing identity management technologies. The goal is to simplify the use of the wide range of existing technologies, helping to encourage their use, whilst imposing no additional burden on existing service providers and identity providers. Operation of IDSpace with certain existing systems is described.

Copyright information

© 2012 Springer-Verlag Berlin Heidelberg

About this paper

Cite this paper

Al-Sinani, H.S., Mitchell, C.J. (2012). A Universal Client-Based Identity Management Tool. In: Petkova-Nikova, S., Pashalidis, A., Pernul, G. (eds) Public Key Infrastructures, Services and Applications. EuroPKI 2011. Lecture Notes in Computer Science, vol 7163. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-29804-2_4

  • DOI: https://doi.org/10.1007/978-3-642-29804-2_4

  • Publisher Name: Springer, Berlin, Heidelberg

  • Print ISBN: 978-3-642-29803-5

  • Online ISBN: 978-3-642-29804-2

  • eBook Packages: Computer Science, Computer Science (R0)
