Browse > Article
http://dx.doi.org/10.3745/KIPSTC.2011.18C.6.389

A Framework for Trustworthy Open Shared Authentication Protocol  

Park, Seung-Chul (한국기술교육대학교 컴퓨터공학부)
Publication Information
The KIPS Transactions:PartC / v.18C, no.6, 2011 , pp. 389-396 More about this Journal
Abstract
Recently, researches on the shared authentication based on single sign-on have been actively performed so as to solve the problems of current service provider-centric and isolated Internet authentications, including low usability, high cost structure, and difficulty in privacy protection. In order for the shared authentication model, where the authentications of an authentication provider are shared by several Internet service providers, to be accepted in real Internet environment, trustworthiness among users, service providers, and authentication providers on the level of authentication assurance and the level of authentication information protection is necessarily required. This paper proposes a framework for trustworthy and privacy-protected shared authentication protocol based on the user-centric operation and open trust provider network. The proposed framework is differentiated from previous works in the points that it is able to provide interoperable shared authentication services on the basis of open trust infrastructure.
Keywords
Authentication; Shared Authentication; Authentication Assurance; Privacy;
Citations & Related Records
Times Cited By KSCI : 1  (Citation Analysis)
연도 인용수 순위
1 M. I. Chehab and A. E. Abdallah, "Assurance in Identity Management Systems", 6th Int'l Conference on Information Assurance and Security, 2010.   DOI
2 박승철, "인터넷 신원 관리 2.0에 대한 분석과 3.0에 대한 전망", 해양정보통신학회논문지, 제15권 5호, 2011년 7월.   과학기술학회마을   DOI
3 T. E. Maliki and J.-M. Seigneur, "A Survey of User-centric Identity Management Technologies", Proc. of Int'l Conference on Emerging Security Information, Systems and Technologies, pp.12-17, 2007.   DOI
4 D. P. Korman and A. D. Rubin, "Risks of the Passport Single Signon Protocol", IEEE Computer Networks, July, 2000.
5 http://en.wikipedia.org/wiki/Windows_Live_ID
6 Liberty Alliance Project, "Liberty ID-FF Architecture Overview", Liberty Alliance, 2004.
7 Aries Fajar Dwiputera, "Single Sign-On Architectures in Public Networks(Liberty Alliance)", INFOTECH Seminar Communication Services, 2005.
8 OASIS, "Security Assertion Markup Language(SAML) V2.0 Technical Overview", http://www.oasis-open.org, March, 2008.
9 OpenID Foundation, "OpenID Authentication 2.0 - Final", http://openid.net/specs/openid-authentication-2_0.html, Dec., 2007.
10 D. Chadwick and S. Shaw, "Review of OpenID", JISC Final Report(http://www.jisc.ac.uk/whatwedo/programmes/einfrastructure/reviewofopenid.aspx), Dec., 2008.
11 K. Cameron and M. B. Jones, "Design rationale behind the Identity Metasystem Architecture", http://research.microsoft.com/en-us/um/people/mjb/papers/Identity_Meatsystem_Design_Rationale.pdf, 2006.
12 A. Josang and S. Pope, "User Centric Identity Management", AusCERT Conference, 2005.
13 T. E. Maliki and J.-M. Seigneur, "A Survey of User-centric Identity Management Technologies", Proc. of Int'l Conference on Emerging Security Information, Systems and Technologies, pp.12-17, 2007.   DOI
14 P. Madsen and H. Itoh, "Challenges to Supporting Federated Assurance", IEEE Computer, May, 2009.   DOI   ScienceOn
15 E. Maler and D. Reed, "The Venn of Identity - Options and Issues in Federated Identity Management", IEEE Security & Privacy, March/April, 2008.   DOI   ScienceOn
16 W. A. Alrodhan and C. J. Mitchell, "Addressing privacy issues in CardSpace", Proc. of 3rd Int'l Symposium on Information Assurance and Security, 2007.   DOI
17 D. Thibeau and D. Reed, "Open trust Frameworks for Open Government: Enabling Citizen Involvement through Open Identity Technologies", A White Paper from the OpenId Foundation and Information Card Foundation, August, 2009.
18 TTAI.IT-Xeaa, "개체 인증에 대한 보증 프레임워크(Entity Authentication Assurance Framework)", 한국정보통신기술협회, 2010년 12월 23일.