DocumentCode
1130332
Title
The Seven Flaws of Identity Management: Usability and Security Challenges
Author
Dhamija, Rachna ; Dusseault, Lisa
Author_Institution
Harvard Univ., Cambridge
Volume
6
Issue
2
fYear
2008
Firstpage
24
Lastpage
29
Abstract
Web identity management systems are complex systems with powerful features - and many potential vulnerabilities. They aim to facilitate the management of identifiers, credentials, personal information, and the presentation of this information to other parties. In many schemes, an identity provider (IdP) issues identities or credentials to users, while a relying party (RP) depends on the IdP to check the user credentials before it allows users access to Web site services. By separating the role of and IdP from the RP, identity management systems let users leverage one identifier across multiple Web services.
Keywords
Web services; security of data; Web services; Web site services; credential management; identifier management; identity management systems; identity provider; personal information management; relying party; Authorization; Identity management systems; Information security; Markup languages; Power system management; Power system security; Privacy; Protocols; Usability; Web services; identity management; privacy; usability;
fLanguage
English
Journal_Title
Security & Privacy, IEEE
Publisher
ieee
ISSN
1540-7993
Type
jour
DOI
10.1109/MSP.2008.49
Filename
4489846
Link To Document