The problem of federated identity, the ability to sign-in across multiple services, has not been solved in a privacy-respecting or secure manner. We briefly analyze the design of OpenID Connect, as implemented by Google and Microsoft, and BrowserID as implemented by Mozilla Personae. Then we consider a capabilities-based approach to federated identity that posits identity to be a set of capabilities that a user can prove to a service that they possess, such as possession of the capability to check a particular email address. Then we show how we can extend existing federated identity approaches can be re-designed using capabilities verified by the use of key material.
CITATION STYLE
Halpin, H., & Cook, B. (2014). Federated identity as capabilities. In Lecture Notes in Computer Science (including subseries Lecture Notes in Artificial Intelligence and Lecture Notes in Bioinformatics) (Vol. 8319, pp. 125–139). Springer Verlag. https://doi.org/10.1007/978-3-642-54069-1_8
Mendeley helps you to discover research relevant for your work.