Browse > Article
http://dx.doi.org/10.6109/jkiice.2011.15.7.1501

Analysis of Internet Identity Management 2.0 and Perspective of 3.0  

Park, Seung-Chul (한국기술교육대학교)
Publication Information
Journal of the Korea Institute of Information and Communication Engineering / v.15, no.7, 2011 , pp. 1501-1509 More about this Journal
Abstract
Current identity management 1.0 model, which is service provider-centric and isolated, has several problems such as low usability, high cost structure, difficulty in privacy protection, and lack of trust infrastructure. Though various SSO-based identity management 2.0 models including Passport/Live ID, Liberty Alliance/SAML, CardSpace, and OpenID have been recently developed in order to overcome those problems, they are not widely accepted in real Internet environment so as to replace the existing identity management 1.0 model. This paper firstly analyzes the widely-known identity 2.0 models in a comparative way, and then presents a perspective on the development direction of identity management 3.0 model for future Internet.
Keywords
Identity Management; Authentication; Single Sign-On; Privacy;
Citations & Related Records
연도 인용수 순위
  • Reference
1 K. Cameron and M. B. Jones, "Design rationale behind the Identity Metasystem Architecture", http://research.microsoft.com/en-us/um/people/mjb/papers/Identity_Meatsystem_Design_Rationale.pdf, 2006.
2 W. A. Alrodhan and C. J. Mitchell, "Addressing privacy issues in CardSpace", Proc. of 3rd Int'l Symposium on Information Assurance and Security, 2007.
3 D. Chadwick and S. Shaw, "Review of OpenID", JISC Final Report(http://www.jisc.ac.uk/whatwedo/program mes/einfrastructure/reviewofopenid.aspx), Dec. 2008.
4 M. Hansen, A. Schwartz, and A. Cooper, "Privacy and Identity Management", IEEE Security and Privacy, March/April 2008.
5 U. Kylau, I. Thomas, M. Menzel, and C. Meinel, "Trust Requirements in Identity Federation Technologies", Int'l Conf. on Advanced Networking and Applications, 2009.
6 TTAI.IT-Xeaa, "개체 인증에 대한 보증 프레임워크 (Entity Authentication Assurance Framework)", 한국정보통신기술협회, 2010년 12월 23일
7 M. Myers, et. al., "X.509 Internet Public Key Infrastructure Online Certificate Status Protocol - OCSP", RFC 2560, June 1999
8 O. T. Seierstad, "Microsoft Windows CardSpace and the Identity Meta System", Telektronikk 3/4, 2007.
9 OpenID Foundation, "OpenID Authentication 2.0 - Final", http://openid.net/specs/openid-authentication-2_0.html, Dec. 2007.
10 T. E. Maliki and J.-M. Seigneur, "A Survey of User-centric Identity Management Technologies", Proc. of Int'l Conference on Emerging Security Information, Systems and Technologies, pp. 12-17, 2007.
11 E. Maler and D. Reed, "The Venn of Identity - Options and Issues in Federated Identity Management", IEEE Security & Privacy, March/April 2008.
12 Aries Fajar Dwiputera, "Single Sign-On Architectures in Public Networks(Liberty Alliance)", INFOTECH Seminar Communication Services, 2005.
13 http://en.wikipedia.org/wiki/Windows_Live_ID
14 FIDIS, "D3.17:identity Management Systems - recent developments", www.fidis.net, August 2009.
15 A. Josang and S. Pope, "User Centric Identity Management", AusCERT Conference, 2005.
16 D. P. Korman and A. D. Rubin, "Risks of the Passport Single Signon Protocol", IEEE Computer Networks, July 2000.
17 Liberty Alliance Project, "Liberty ID-FF Architecture Overview", Liberty Alliance, 2004.
18 OASIS, "Security Assertion Markup Language(SAML) V2.0 Technical Overview", http://www.oasis-open.org, March 2008.