Mobile Personal Identity Provider Based on OpenID Connect - Forschungsportal der Justus-Liebig-Universität Gießen:

Konferenzpaper

Mobile Personal Identity Provider Based on OpenID Connect

Autorenliste: Lo Iacono, Luigi; Gruschka, Nils; Nehren, Peter

Erschienen in: Trust, Privacy and Security in Digital Business

Herausgeberliste: Lopez, J.; Fischer-Hübner, S.; Lambrinoudakis, C.

Jahr der Veröffentlichung: 2017

Seiten: 19-31

ISBN: 978-3-319-64482-0

eISBN: 978-3-319-64483-7

DOI Link: https://doi.org/10.1007/978-3-319-64483-7_2

Konferenz: 14th International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2017)

Serientitel: Lecture Notes in Computer Science

Serienzählung: 10442

Abstract:

In our digital society managing identities and according access credentials is as painful as needed. This is mainly due to the demand for a unique password for each service a user makes use of. Various approaches have been proposed for solving this issue amongst which Identity Provider (IDP) based systems gained most traction for Web services. An obvious disadvantage of these IDPs is, however, the level of trust a user requires to place into them. After all, an IDP stores a lot of sensitive information about its users and is able to impersonate each of them.
In the present paper we therefore propose an architecture that enables to operate a personal IDP (PIDP) on a mobile device owned by the user. To evaluate the properties of our introduced mobile PIDP (MoPIDP) we analyzed it by means of a prototype. Our MoPIDP architecture provides clear advantages in comparison to classical IDP approaches in terms of required trust and common threats like phishing and additionally regarding the usability for the end user.

Autoren/Herausgeber

- Uni.-Prof. Dr.-Ing. Luigi Lo Iacono

Zitierstile

Harvard-Zitierstil: Lo Iacono, L., Gruschka, N. and Nehren, P. (2017) Mobile Personal Identity Provider Based on OpenID Connect, in Lopez, J., Fischer-Hübner, S. and Lambrinoudakis, C. (eds.) Trust, Privacy and Security in Digital Business. Cham: Springer. pp. 19-31. https://doi.org/10.1007/978-3-319-64483-7_2

APA-Zitierstil: Lo Iacono, L., Gruschka, N., & Nehren, P. (2017). Mobile Personal Identity Provider Based on OpenID Connect. In Lopez, J., Fischer-Hübner, S., & Lambrinoudakis, C. (Eds.), Trust, Privacy and Security in Digital Business. (pp. 19-31). Springer. https://doi.org/10.1007/978-3-319-64483-7_2