Enhancing User Authentication in Claim-Based Identity Management

Download Now Free registration required

Executive Summary

In Claim-Based Identity Management (CBIM) systems, users identify themselves using security tokens that contain personally identifiable information, and that are signed by an identity provider. However, a malicious identity provider could readily impersonate any user by generating appropriate tokens. The growing number of identity theft techniques raises the risk of service providers being deceived by untrustworthy identity providers. The authors show how this vulnerability can be mitigated by adding an authentication layer, between the user and the service provider, to a CBIM system.

  • Format: PDF
  • Size: 1056.4 KB