Title :
Integrating OAuth with Information card systems
Author :
Al-Sinani, Haitham S.
Author_Institution :
Inf. Security Group, Univ. of London, London, UK
Abstract :
We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided.
Keywords :
authorisation; open systems; smart cards; Information Card-enabled relying party; OAuth provider; OAuth-enabled system; browser extension; client-based interoperation; identity selectors; information card system; information card users; security token; Authorization; Browsers; Facebook; HTML; Protocols; Servers; CardSpace; Information Cards; OAuth;
Conference_Title :
Information Assurance and Security (IAS), 2011 7th International Conference on
Conference_Location :
Melaka
Print_ISBN :
978-1-4577-2154-0
DOI :
10.1109/ISIAS.2011.6122819