Browser Extension-based Interoperation Between OAuth and Information Card-based Systems

Haitham S. Al-Sinani

Research output: Book/ReportOther report

511 Downloads (Pure)

Abstract

Whilst the growing number of identity management systems have the potential to reduce the threat of identity attacks, major deployment problems remain because of the lack of interoperability between such systems. In this paper we propose a simple scheme to provide client-based interoperation between OAuth and an Information Card-based system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain an assertion token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and also describe an implementation of a proof-of-concept prototype. Additionally, security and operational analyses are provided.
Original languageEnglish
PublisherDepartment of Mathematics, Royal Holloway, University of London
Number of pages25
Publication statusUnpublished - 24 Sept 2011

Publication series

NameTechnical Report Series
PublisherMathematics Department, Royal Holloway
No.RHUL-MA-2011-15

Keywords

  • Information Cards
  • CardSpace
  • Higgins
  • OAuth
  • Interoperation
  • Browser Extension

Cite this