Security without identification: transaction systems to make big brother obsolete
Communications of the ACM
Consistent, yet anonymous, Web access with LPWA
Communications of the ACM
Risks of the passport single signon protocol
Proceedings of the 9th international World Wide Web conference on Computer networks : the international journal of computer and telecommunications netowrking
Untraceable electronic mail, return addresses, and digital pseudonyms
Communications of the ACM
Design and implementation of the idemix anonymous credential system
Proceedings of the 9th ACM conference on Computer and communications security
Dos and don'ts of client authentication on the web
SSYM'01 Proceedings of the 10th conference on USENIX Security Symposium - Volume 10
Architecture for user-controlled e-privacy
Proceedings of the 2003 ACM symposium on Applied computing
Analysis of Liberty Single-Sign-on with Enabled Clients
IEEE Internet Computing
Proving a WS-federation passive requestor profile with a browser model
Proceedings of the 2005 workshop on Secure web services
Proving a WS-Federation passive requestor profile
SWS '04 Proceedings of the 2004 workshop on Secure web service
User interfaces for privacy agents
ACM Transactions on Computer-Human Interaction (TOCHI)
Privacy provision in e-learning standardized systems: status and improvements
Computer Standards & Interfaces
Privacy-aware identity management for client-side mashup applications
Proceedings of the 5th ACM workshop on Digital identity management
Fine-Grained Recommendation Systems for Service Attribute Exchange
ICSOC-ServiceWave '09 Proceedings of the 7th International Joint Conference on Service-Oriented Computing
Portable secure identity management for software engineering
Proceedings of the 32nd ACM/IEEE International Conference on Software Engineering - Volume 2
Federated identity-management protocols
Proceedings of the 11th international conference on Security Protocols
Policy-based integration of user and provider-sided identity management
ETRICS'06 Proceedings of the 2006 international conference on Emerging Trends in Information and Communication Security
Browser model for security analysis of browser-based protocols
ESORICS'05 Proceedings of the 10th European conference on Research in Computer Security
Enhancing consumer privacy in the liberty alliance identity federation and web services frameworks
PET'06 Proceedings of the 6th international conference on Privacy Enhancing Technologies
Evaluating identity management architectures
Proceedings of the 3rd international ACM SIGSOFT symposium on Architecting Critical Systems
| Hi-index | 0.00 |
Browser-based attribute-exchange protocols enable users of normal web browsers to conveniently send attributes, such as authentication or demographic data, to web sites. Such protocols might become very common and almost mandatory in general consumer scenarios over the next few years. We derive the privacy requirements on such protocols from general privacy principles and study their consequences for the protocol design. We also survey to what extent proposals like Microsoft's Passport, IBM's e-Community Single Signon, SAML, Shibboleth, the Liberty Alliance specifications and a protocol BBAE of our own conform to these design consequences, and how one could go forward.