Trade-off Analysis of Identity Management Systems with an Untrusted Identity Provider

July 28-August 01

DOI Bookmark:

http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2008.164

2008 32nd Annual IEEE International C ...

	This Article
	PURCHASE ARTICLE: $19 PDF HTML IEEE Xplore Subscribers
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan/Endnote
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Golnaz Elahi Articles by Zeev Lieber Articles by Eric Yu

	ASCII Text	x
	Golnaz Elahi, Zeev Lieber, Eric Yu, "Trade-off Analysis of Identity Management Systems with an Untrusted Identity Provider," Computer Software and Applications Conference, Annual International, pp. 661-666, 2008 32nd Annual IEEE International Computer Software and Applications Conference, 2008.

	BibTex	x
	@article{ 10.1109/COMPSAC.2008.164, author = {Golnaz Elahi and Zeev Lieber and Eric Yu}, title = {Trade-off Analysis of Identity Management Systems with an Untrusted Identity Provider}, journal ={Computer Software and Applications Conference, Annual International}, volume = {0}, year = {2008}, issn = {0730-3157}, pages = {661-666}, doi = {http://doi.ieeecomputersociety.org/10.1109/COMPSAC.2008.164}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Computer Software and Applications Conference, Annual International TI - Trade-off Analysis of Identity Management Systems with an Untrusted Identity Provider SN - 0730-3157 SP661 EP666 A1 - Golnaz Elahi, A1 - Zeev Lieber, A1 - Eric Yu, PY - 2008 KW - null VL - 0 JA - Computer Software and Applications Conference, Annual International ER -

Golnaz Elahi

Zeev Lieber

Eric Yu

Internet users interact with multiple Web Service Providers (WSP), and therefore, must remember and manage multiple passwords. Users try to overcome the burden of password management by employing insecure solutions such as reusing the same password with several WSP. Identity management systems provide a solution for such problems. The common "assertion-based"' Identity Management systems require a strong trust in the Identity Provider (IdP), which has the power to impersonate any of its users. However, such trust is unlikely to materialize in the global Internet setting. This paper uses a goal-oriented approach for analyzing trust trade-offs of Identity Management systems in the global Internet scenario. We analyze a new proposal for a global Identity Management system named SlashID. SlashID takes advantage of client-side cryptography to eliminate the required trust relationship between the IdP and end users. We analyze and compare the impact of trust trade-offs of the SlashID solution.

Citation:

Golnaz Elahi, Zeev Lieber, Eric Yu, "Trade-off Analysis of Identity Management Systems with an Untrusted Identity Provider," compsac, pp.661-666, 2008 32nd Annual IEEE International Computer Software and Applications Conference, 2008

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.