Skip to main content

Mobile personal identity provider based on openID connect

1Citations
Citations of this article
12Readers
Mendeley users who have this article in their library.
Get full text

Abstract

In our digital society managing identities and according access credentials is as painful as needed. This is mainly due to the demand for a unique password for each service a user makes use of. Various approaches have been proposed for solving this issue amongst which Identity Provider (IDP) based systems gained most traction for Web services. An obvious disadvantage of these IDPs is, however, the level of trust a user requires to place into them. After all, an IDP stores a lot of sensitive information about its users and is able to impersonate each of them. In the present paper we therefore propose an architecture that enables to operate a personal IDP (PIDP) on a mobile device owned by the user. To evaluate the properties of our introduced mobile PIDP (MoPIDP) we analyzed it by means of a prototype. Our MoPIDP architecture provides clear advantages in comparison to classical IDP approaches in terms of required trust and common threats like phishing and additionally regarding the usability for the end user.

Cite

CITATION STYLE

APA

Iacono, L. L., Gruschka, N., & Nehren, P. (2017). Mobile personal identity provider based on openID connect. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 10442 LNCS, pp. 19–31). Springer Verlag. https://doi.org/10.1007/978-3-319-64483-7_2

Register to see more suggestions

Mendeley helps you to discover research relevant for your work.

Already have an account?

Save time finding and organizing research with Mendeley

Sign up for free