Using CardSpace as a Password-based Single Sign-on System

Al-Sinani, Haitham S and Mitchell, Chris J

(2011)

Al-Sinani, Haitham S and Mitchell, Chris J (2011) Using CardSpace as a Password-based Single Sign-on System.

Our Full Text Deposits

Full text access: Open

Full text file - 326.77 KB

Links to Copies of this Item Held Elsewhere

Link to publisher copy

Abstract

In this paper we propose a simple scheme that allows CardSpace to be used as a password-based single sign-on system, thereby both improving the usability and security of passwords as well as encouraging CardSpace adoption. We describe three related approaches to achieving password-based single sign-on using CardSpace. In each case users are able to store their credentials for a set of websites in a personal card, and use it to seamlessly single sign on to all these websites. The approaches do not require any changes to login servers or to the CardSpace identity selector and, in particular, they do not require websites to support CardSpace. We also describe three proof-of-concept prototypes and give usability, security and performance analyses.

Information about this Version

This is a Submitted version
This version's date is: 23/8/2011
This item is not peer reviewed

Link to this Version

https://repository.royalholloway.ac.uk/items/38717941-b67e-519e-874d-8b011e4fd3c1/2/

Identifiers
Item Type	Monograph
Title	Using CardSpace as a Password-based Single Sign-on System
Authors	Al-Sinani, Haitham S Mitchell, Chris J
Uncontrolled Keywords	CardSpace, Single sign-on , Browser Extension
Departments	Faculty of Science\Mathematics Research Groups and Centres\Information Security\ Information Security Group

Deposited by Research Information System (atira) on 24-Jul-2012 in Royal Holloway Research Online.Last modified on 24-Jul-2012

Details

Owner: Research Information System
Collection: Royal Holloway Research Online
Version: 2 (show all)
Status: Archived