Al-Sinani, Haitham S and Mitchell, Chris J (2011) Using CardSpace as a Password-based Single Sign-on System.
Full text access: Open
In this paper we propose a simple scheme that allows CardSpace to be used as a password-based single sign-on system, thereby both improving the usability and security of passwords as well as encouraging CardSpace adoption. We describe three related approaches to achieving password-based single sign-on using CardSpace. In each case users are able to store their credentials for a set of websites in a personal card, and use it to seamlessly single sign on to all these websites. The approaches do not require any changes to login servers or to the CardSpace identity selector and, in particular, they do not require websites to support CardSpace. We also describe three proof-of-concept prototypes and give usability, security and performance analyses.
This is a Submitted version This version's date is: 23/8/2011 This item is not peer reviewed
https://repository.royalholloway.ac.uk/items/38717941-b67e-519e-874d-8b011e4fd3c1/3/
Deposited by Research Information System (atira) on 09-Aug-2012 in Royal Holloway Research Online.Last modified on 09-Aug-2012