A client-side approach for privacy-preserving identity federation

, &
Identity in the Information Society 2 (3):269-295 (2009)
  Copy   BIBTEX

Abstract

Providing Single Sign-On (SSO) between service providers and enabling service providers to share user personal attributes are critical for both users to benefit from a seamless access to their services, and service providers to realize new business opportunities. Today, however, the users have several independent, partial identities spread over different service providers. Providing SSO and attribute sharing requires that links (federations) are established between (partial) identities. In SAML 2.0 (Maler et al. 2003), the links between identities are stored and managed at the network side by the identity providers (network-side identity federation). This model prevents the service providers from mass-correlating the partial identities they have, but the users must fully trust the identity providers. In this paper, we propose a complementary approach where the users have a full control of the links between their partial identities. It is a client-side identity federation approach, which relies on the introduction of a new cryptographic tool, called invariable partially blind signature scheme, that may be of independent interest

Categories

Keywords

Reprint years

DOI

10.1007/s12394-009-0024-4

Other Versions

No versions found

Links

PhilArchive



    Upload a copy of this work     Papers currently archived: 101,072

External links

Setup an account with your affiliations in order to access resources via your University's proxy server

Through your library

My notes

Similar books and articles

Accountable privacy supporting services.Jan Camenisch, Thomas Groß & Thomas Scott Heydt-Benjamin - 2009 - Identity in the Information Society 2 (3):241-267.
Redefining the bureaucratic encounter between service providers and service users: Evidence from the norwegian HUSK projects.S. Carnochan & M. J. Austin - unknown
Federated identity management in mobile dynamic virtual organizations.Matteo Gaeta, Juergen Jaehnert, Kleopatra Konstanteli, Sergio Miranda, Pierluigi Ritrovato & Theodora Varvarigou - 2009 - Identity in the Information Society 2 (2):115-136.
Privacy concerns and identity in online social networks.Hanna Krasnova, Oliver Günther, Sarah Spiekermann & Ksenia Koroleva - 2009 - Identity in the Information Society 2 (1):39-63.
Identity management in GRID computing and Service Oriented Architectures: research and practice. [REVIEW]Theodora Varvarigou & Vassiliki Andronikou - 2009 - Identity in the Information Society 2 (2):95-98.
Users’ Payment Intention considering Privacy Protection in Cloud Storage: An Evolutionary Game-Theoretic Approach.Jianguo Zheng & Jinming Chen - 2021 - Complexity 2021:1-15.
On-line privacy and consent: a dialogue, not a monologue.Lizzie Coles-Kemp & Elahe Kani-Zabihi - unknown
Delegation of access rights in multi-domain service compositions.Laurent Bussard, Anna Nano & Ulrich Pinsdorf - 2009 - Identity in the Information Society 2 (2):137-154.
The new ethical responsibilities of internet service providers.Luciano Floridi - 2011 - Philosophy and Technology 24 (4):369-370.
Trusting third-party storage providers for holding personal information. A context-based approach to protect identity-related data in untrusted domains.Giulio Galiero & Gabriele Giammatteo - 2009 - Identity in the Information Society 2 (2):99-114.

Analytics

Added to PP
2013-11-24

Downloads
22 (#973,937)

6 months
10 (#411,161)

Historical graph of downloads
How can I increase my downloads?

Citations of this work

No citations found.

Add more citations

References found in this work

No references found.

Add more references