Identity management is one of the major challenges on the Internet today, mainly due to the ever increasing number of services provided and at the same time an increasing amount of fraudulent service usage. As service access is becoming more and more ubiquitous, and services are used in distributed mobile environments, the challenges are growing even more, because the different points of access can now be subject to additional types of attacks towards the userpsilas credentials and otherwise private information. This paper considers some of the challenges in identity management on the Internet today, and adds to this the new requirements posed by identity management in mobile ubiquitous environments. The paper then studies the currently emerging identity management frameworks and standards initiatives, and sees how these cope with requirements both on the Web today as well as the new requirements posed by the introduction to the mobile ubiquitous environments. Then, architectures for identity management integration are proposed and the benefits of the architectures are discussed.
[1]
Yi-Bing Lin,et al.
One-pass GPRS and IMS authentication procedure for UMTS
,
2005,
IEEE Journal on Selected Areas in Communications.
[2]
Jon Finke.
Identity Management
,
2006,
LISA.
[3]
Elie Wiesel,et al.
Indelible Shadows: The Ambiguity of Identity
,
2002
.
[4]
Benny Pinkas,et al.
Securing passwords against dictionary attacks
,
2002,
CCS '02.
[5]
Giovanni Della-Libera,et al.
Web Services Trust Language (WS-Trust)
,
2002
.
[6]
Ravi S. Sandhu,et al.
Identity management
,
2003,
IEEE Internet Computing.
[7]
George Roussos,et al.
Mobile Identity Management: An Enacted View
,
2003,
Int. J. Electron. Commer..