IPTPS '01 Revised Papers from the First International Workshop on Peer-to-Peer Systems
Identity Crisis: Anonymity vs. Reputation in P2P Systems
P2P '03 Proceedings of the 3rd International Conference on Peer-to-Peer Computing
A Reputation and Trust Management Broker Framework for Web Applications
EEE '05 Proceedings of the 2005 IEEE International Conference on e-Technology, e-Commerce and e-Service (EEE'05) on e-Technology, e-Commerce and e-Service
IEEE Transactions on Knowledge and Data Engineering
OpenID 2.0: a platform for user-centric identity management
Proceedings of the second ACM workshop on Digital identity management
Trusted Platform Module Basics: Using TPM in Embedded Systems (Embedded Technology)
Trusted Platform Module Basics: Using TPM in Embedded Systems (Embedded Technology)
Investigating interactions of trust and interest similarity
Decision Support Systems
Trust Negotiation in Identity Management
IEEE Security and Privacy
Using reputation to augment explicit authorization
Proceedings of the 2007 ACM workshop on Digital identity management
The Venn of Identity: Options and Issues in Federated Identity Management
IEEE Security and Privacy
Privacy and Identity Management
IEEE Security and Privacy
AttributeTrust A Framework for Evaluating Trust in Aggregated Attributes via a Reputation System
PST '08 Proceedings of the 2008 Sixth Annual Conference on Privacy, Security and Trust
Reputation Bootstrapping for Trust Establishment among Web Services
IEEE Internet Computing
Integrating Behavioral Trust in Web Service Compositions
ICWS '09 Proceedings of the 2009 IEEE International Conference on Web Services
Methods for Computing Trust and Reputation While Preserving Privacy
Proceedings of the 23rd Annual IFIP WG 11.3 Working Conference on Data and Applications Security XXIII
Towards pre-standardization of trust and reputation models for distributed and heterogeneous systems
Computer Standards & Interfaces
TRIMS, a privacy-aware trust and reputation model for identity management systems
Computer Networks: The International Journal of Computer and Telecommunications Networking
Linguistic Fuzzy Logic Enhancement of a Trust Mechanism for Distributed Networks
CIT '10 Proceedings of the 2010 10th IEEE International Conference on Computer and Information Technology
A multidimensional reputation scheme for identity federations
EuroPKI'09 Proceedings of the 6th European conference on Public key infrastructures, services and applications
Benefits of federated identity management: a survey from an integrated operations viewpoint
ARES'11 Proceedings of the IFIP WG 8.4/8.9 international cross domain conference on Availability, reliability and security for business, enterprise and health information systems
Enhancing OpenID through a reputation framework
ATC'11 Proceedings of the 8th international conference on Autonomic and trusted computing
Trusted computing enhanced user authentication with OpenID and trustworthy user interface
International Journal of Internet Technology and Secured Transactions
A dynamic trust model based on feedback control mechanism for p2p applications
ATC'06 Proceedings of the Third international conference on Autonomic and Trusted Computing
Kerberos: an authentication service for computer networks
IEEE Communications Magazine
Federated ID: The challenge of federated identity management
Network Security
A trust evolution model for P2P networks
ATC'07 Proceedings of the 4th international conference on Autonomic and Trusted Computing
Knowledge-Based Systems
| Hi-index | 0.00 |
OpenID is an open standard providing a decentralized authentication mechanism to end users. It is based on a unique URL (Uniform Resource Locator) or XRI (Extensible Resource Identifier) as identifier of the user. This fact of using a single identifier confers this approach an interesting added-value when users want to get access to different services in the Internet, since users do not need to create a new account on every website they are visiting. However, OpenID providers are normally used as a point to store certain personal attributes of the end users too, which might be of interest for any service provider willing to make profit from collecting that personal information. The definition of a reputation management solution integrated as part of the OpenID protocol can help users to determine whether a given service provider is more or less reliable before interacting with it and transferring their private information. This paper is providing the definition of a reputation framework that can be applied to the OpenID SSO (Single Sign-On) standard solution. It also defines how the protocol itself can be enhanced so OpenID providers can collect (and provide) recommendations from (to) users regarding different service providers and thus enhancing the users' experience when using OpenID. Besides the definition, a set of tests has been performed validating the feasibility of the framework.