A large-scale study of web password habits
Proceedings of the 16th international conference on World Wide Web
Usability and privacy in identity management architectures
ACSW '07 Proceedings of the fifth Australasian symposium on ACSW frontiers - Volume 68
A Survey of User-centric Identity Management Technologies
SECUREWARE '07 Proceedings of the The International Conference on Emerging Security Information, Systems, and Technologies
The Venn of Identity: Options and Issues in Federated Identity Management
IEEE Security and Privacy
The Seven Flaws of Identity Management: Usability and Security Challenges
IEEE Security and Privacy
Designing with Progressive Enhancement: Building the Web that Works for Everyone
Designing with Progressive Enhancement: Building the Web that Works for Everyone
SP 800-57. Recommendation for Key Management, Part 1: General (revised)
SP 800-57. Recommendation for Key Management, Part 1: General (revised)
The SWAC approach for sharing a web application's codebase between server and client
ICWE'13 Proceedings of the 13th international conference on Web Engineering
The SWAC approach for sharing a web application's codebase between server and client
ICWE'13 Proceedings of the 13th international conference on Web Engineering
Customized views on profiles in WebID-Based distributed social networks
ICWE'13 Proceedings of the 13th international conference on Web Engineering
| Hi-index | 0.00 |
WebID is a new development of the W3C. As a universal identification mechanism, WebID enables users to authenticate through client certificates instead of username/password pairs. For creating such WebID certificates, there are different ways available. Each is characterized by several aspects that become important depending on a user's individual conditions and trust needs. Users must carefully consider these aspects on their own to find the most appropriate way for them. There is a risk that inexperienced users make wrong considerations, which affect their security and privacy. In this work, we propose an approach towards a context-aware WebID certificate creation taking individual conditions and trust needs into account. As a proof of concept, we apply the SWAC framework that facilitates JavaScript-based generation of WebID certificates on both client and server. We evaluate our approach and available methods including HTML5 keygen and native implementations using different devices and Web browsers.