Title :
Trade-off Analysis of Identity Management Systems with an Untrusted Identity Provider
Author :
Elahi, Golnaz ; Lieber, Zeev ; Yu, Eric
Author_Institution :
Dept. of Comput. Sci., Univ. of Toronto, Toronto, ON
fDate :
July 28 2008-Aug. 1 2008
Abstract :
Internet users interact with multiple Web Service Providers (WSP), and therefore, must remember and manage multiple passwords. Users try to overcome the burden of password management by employing insecure solutions such as reusing the same password with several WSP. Identity management systems provide a solution for such problems. The common "assertion-based"\´ Identity Management systems require a strong trust in the Identity Provider (IdP), which has the power to impersonate any of its users. However, such trust is unlikely to materialize in the global Internet setting. This paper uses a goal-oriented approach for analyzing trust trade-offs of Identity Management systems in the global Internet scenario. We analyze a new proposal for a global Identity Management system named SlashID. SlashID takes advantage of client-side cryptography to eliminate the required trust relationship between the IdP and end users. We analyze and compare the impact of trust trade-offs of the SlashID solution.
Keywords :
Internet; cryptography; Identity Provider; Internet users; SlashID; Web Service Providers; client-side cryptography; identity management systems; multiple passwords; password management; trade-off analysis; untrusted identity provider; Authentication; Cryptography; Identity management systems; Information security; Internet; Network servers; Privacy; Proposals; Protocols; Web services;
Conference_Titel :
Computer Software and Applications, 2008. COMPSAC '08. 32nd Annual IEEE International
Conference_Location :
Turku
Print_ISBN :
978-0-7695-3262-2
Electronic_ISBN :
0730-3157
DOI :
10.1109/COMPSAC.2008.164
