Notarized federated ID management and authentication

Authors:
Michael T. Goodrich;Roberto Tamassia;Danfeng (Daphne) Yao
Affiliations:
Department of Computer Science, University of California, Irvine, CA 92697, USA. E-mail: goodrich@acm.org;Department of Computer Science, Providence, RI 02912, USA. E-mail: rt@cs.brown.edu;Department of Computer Science, Rutgers University, Piscataway, NJ 08854, USA. E-mail: danfeng@cs.rutgers.edu
Venue:
Journal of Computer Security - 20th Annual IFIP WG 11.3 Working Conference on Data and Applications Security (DBSec'06)
Year:
2008

Citing 17
Cited 1

Security without identification: transaction systems to make big brother obsolete

Communications of the ACM
Identity-based cryptosystems and signature schemes

Proceedings of CRYPTO 84 on Advances in cryptology
The security of the cipher block chaining message authentication code

Journal of Computer and System Sciences
Design and implementation of the idemix anonymous credential system

Proceedings of the 9th ACM conference on Computer and communications security
A uniform framework for regulating service access and information release on the web

Journal of Computer Security
Persistent Authenticated Dictionaries and Their Applications

ISC '01 Proceedings of the 4th International Conference on Information Security
A General Model for Authenticated Data Structures

Algorithmica
ID-based encryption for complex hierarchies with applications to forward security and broadcast encryption

Proceedings of the 11th ACM conference on Computer and communications security
Establishing and protecting digital identity in federation systems

Proceedings of the 2005 workshop on Digital identity management
Privacy and identity management for everyone

Proceedings of the 2005 workshop on Digital identity management
Federated identity management for protecting users from ID theft

Proceedings of the 2005 workshop on Digital identity management
Establishing and protecting digital identity in federation systems

Journal of Computer Security - The First ACM Workshop on Digital Identity Management -- DIM 2005
Certificate revocation and certificate update

SSYM'98 Proceedings of the 7th conference on USENIX Security Symposium - Volume 7
Federated identity-management protocols

Proceedings of the 11th international conference on Security Protocols
Point-based trust: define how much privacy is worth

ICICS'06 Proceedings of the 8th international conference on Information and Communications Security
Computational bounds on hierarchical data processing with applications to information security

ICALP'05 Proceedings of the 32nd international conference on Automata, Languages and Programming
Countering identity theft through digital uniqueness, location cross-checking, and funneling

FC'05 Proceedings of the 9th international conference on Financial Cryptography and Data Security

Privacy-aware identity management for client-side mashup applications

Proceedings of the 5th ACM workshop on Digital identity management

Quantified Score

Hi-index	0.00

Visualization

Abstract

We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and service providers, which provides improved privacy protection for users. We present an efficient implementation of our notarized federated identity management model based on the Secure Transaction Management System (STMS). We also give a practical solution for mitigating aspects of the identity theft problem and discuss its use in our notarized federated identity management model. The unique feature of our cryptographic solution is that it enables one to proactively prevent the leaking of secret identity information.