Download Now Free registration required
Information Card (InfoCard) is a user-centric identity management meta-system. It has been accepted as a standard of OASIS Identity Meta-system Interoperability Technical Committee. However, there is currently a lack of security analysis to InfoCard protocol, especially, with formal methods. In this paper, the authors accommodate such a requirement by analyzing security properties of InfoCard protocol adopting a formal protocol analysis tool. Their analysis result discovers that current InfoCard protocol is vulnerable against the session replay attack.
- Format: PDF
- Size: 412.55 KB