• norsk
    • English
  • English 
    • norsk
    • English
  • Login
View Item 
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi
  • View Item
  •   Home
  • Fakultet for informasjonsteknologi og elektroteknikk (IE)
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi
  • View Item
JavaScript is disabled for your browser. Some features of this site may not work without it.

Increasing Identity Governance when using OpenID: Hosting an OpenID Identity Provider on a smartphone

Stien, Eirik
Master thesis
Thumbnail
View/Open
443165_FULLTEXT01.pdf (2.728Mb)
443165_ATTACHMENT01.zip (31.01Mb)
443165_COVER01.pdf (79.19Kb)
URI
http://hdl.handle.net/11250/262458
Date
2011
Metadata
Show full item record
Collections
  • Institutt for informasjonssikkerhet og kommunikasjonsteknologi [2812]
Abstract
In the area of identity management OpenID is an identity system allowing users to log in to OpenID-enabled web sites by proving ownership of an OpenID Identifier by authenticating with its controlling OpenID Identity Provider. A user can choose to host an OpenID Identity Provider herself or trust in existing third-party providers such as Google. Technical skill is required for the former, leaving it unavailable for the average user.This thesis simplifies the matter by implementing an OpenID Identity Provider as a smartphone application, making use of the traditional server-like features inherent in such devices. New possiblities for authenticating the user arise as she is enabled to physically interact with the OpenID Identity Provider, which in the traditional scheme is performed through the web browser. As a result from these new possiblities, phishing attacks are claimed to be avoided and identity attributes are exempted from being controlled and possibly exploited by any third-party.One of several technical challenges include enabling the smartphone to receive inbound connections as this is required by the OpenID Authentication protocol, but restricted by telecom operators by default. Functionality must be in place to backup identity repositories stored on the smartphone in order not to lose possession of the established OpenID identities if the device becomes lost or damaged. Lastly, focus is given to make the solution easily applicable for even the novice consumer.
Publisher
Institutt for telematikk

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit
 

 

Browse

ArchiveCommunities & CollectionsBy Issue DateAuthorsTitlesSubjectsDocument TypesJournalsThis CollectionBy Issue DateAuthorsTitlesSubjectsDocument TypesJournals

My Account

Login

Statistics

View Usage Statistics

Contact Us | Send Feedback

Privacy policy
DSpace software copyright © 2002-2019  DuraSpace

Service from  Unit