User-centric Identity Management based on secure elements

The security of large applications and distributed systems depends heavily on Identity Management models and infrastructures. In this paper we introduce the Identity Management approach developed in the SecFuNet project, which emphasizes the use of smartcards for user authentication and user-centric attribute delivery policies. In current identity models, user attributes are stored in identity providers, and any trust relationship may spread user information across the trust networks formed among identity providers. In our approach, the user controls the release of his attributes, which are stored in his own smartcard. The approach also makes use of secure elements and virtualization to protect user information. This paper describes aspects of our authentication model and discusses the results obtained with a prototype implementation.
