Mobile Personal Identity Provider Based on OpenID Connect - Research portal of Justus Liebig University Giessen:

Conference paper

Mobile Personal Identity Provider Based on OpenID Connect

Authors list: Lo Iacono, Luigi; Gruschka, Nils; Nehren, Peter

Appeared in: Trust, Privacy and Security in Digital Business

Editor list: Lopez, J.; Fischer-Hübner, S.; Lambrinoudakis, C.

Publication year: 2017

Pages: 19-31

ISBN: 978-3-319-64482-0

eISBN: 978-3-319-64483-7

DOI Link: https://doi.org/10.1007/978-3-319-64483-7_2

Conference: 14th International Conference on Trust, Privacy and Security in Digital Business (TrustBus 2017)

Title of series: Lecture Notes in Computer Science

Number in series: 10442

Abstract:

In our digital society managing identities and according access credentials is as painful as needed. This is mainly due to the demand for a unique password for each service a user makes use of. Various approaches have been proposed for solving this issue amongst which Identity Provider (IDP) based systems gained most traction for Web services. An obvious disadvantage of these IDPs is, however, the level of trust a user requires to place into them. After all, an IDP stores a lot of sensitive information about its users and is able to impersonate each of them.
In the present paper we therefore propose an architecture that enables to operate a personal IDP (PIDP) on a mobile device owned by the user. To evaluate the properties of our introduced mobile PIDP (MoPIDP) we analyzed it by means of a prototype. Our MoPIDP architecture provides clear advantages in comparison to classical IDP approaches in terms of required trust and common threats like phishing and additionally regarding the usability for the end user.

Authors/Editors

- Uni.-Prof. Dr.-Ing. Luigi Lo Iacono

Citation Styles

Harvard Citation style: Lo Iacono, L., Gruschka, N. and Nehren, P. (2017) Mobile Personal Identity Provider Based on OpenID Connect, in Lopez, J., Fischer-Hübner, S. and Lambrinoudakis, C. (eds.) Trust, Privacy and Security in Digital Business. Cham: Springer. pp. 19-31. https://doi.org/10.1007/978-3-319-64483-7_2

APA Citation style: Lo Iacono, L., Gruschka, N., & Nehren, P. (2017). Mobile Personal Identity Provider Based on OpenID Connect. In Lopez, J., Fischer-Hübner, S., & Lambrinoudakis, C. (Eds.), Trust, Privacy and Security in Digital Business. (pp. 19-31). Springer. https://doi.org/10.1007/978-3-319-64483-7_2