Security, Privacy and Usability Requirements for Federated Identity

Provided by: Dalhousie University
Topic: Security
Format: PDF
Federated identity systems promise to solve the increasingly vexing problem of password overload. However, existing systems, such as OpenID and CardSpace have failed to gain the expected levels of adoption, due in part to usability and security issues, while proprietary systems such as Facebook Connect raise serious privacy concerns over their usage of the data collected. In this paper, the authors examine two new contenders - BrowserID from Mozilla and WebID from the W3C WebID Community Group - and find that, while both offer significant improvements, they were still able to identify a number of important security, privacy, and usability issues that need to be addressed before beginning to widely deploy these new platforms.

Find By Topic