DocumentCode :
2446050
Title :
Transaction signing in applications using identity federation
Author :
Rabinovich, Paul
Author_Institution :
Exostar LLC, Herndon, VA, USA
fYear :
2010
fDate :
17-19 Aug. 2010
Firstpage :
144
Lastpage :
149
Abstract :
Many applications require users to express their consent when executing transactions on the Web. Transaction signing with passwords is by far the most common mechanism for providing such consent. An application that uses identity federation may not share a password with the user and, therefore, cannot engage in a password-based signing protocol. In this paper we propose a protocol that does not require users to share their passwords with applications (service providers) but only relies on passwords shared between users and their identity providers.
Keywords :
Internet; message authentication; protocols; Web; identity federation; password-based signing protocol; transaction signing; Browsers; Consumer electronics; Protocols; Public key; Servers;
fLanguage :
English
Publisher :
ieee
Conference_Titel :
Privacy Security and Trust (PST), 2010 Eighth Annual International Conference on
Conference_Location :
Ottawa, ON
Print_ISBN :
978-1-4244-7551-3
Electronic_ISBN :
978-1-4244-7549-0
Type :
conf
DOI :
10.1109/PST.2010.5593259
Filename :
5593259
Link To Document :
https://search.ricest.ac.ir/dl/search/defaultta.aspx?DTC=49&DC=2446050
بازگشت