Extending the Scope of CardSpace. / Al-Sinani, Haitham S; Mitchell, Chris J.

Proceedings of the 4th International Conference on Security of Information and Networks, SIN 2011, Sydney, NSW, Australia, November 14-19, 2011. ed. / M A Orgun; A Elci; O B Makarevich; S A Huss; J Pieprzyk; L K Babenko; A G Chefranov; R Shankaran. New York : ACM, 2011. p. 235-238.

Research output: Chapter in Book/Report/Conference proceedingConference contribution

Published

Documents

Links

Abstract

The recently-proposed PassCard scheme enables CardSpace to be used as a password manager, thereby both improving the usability and security of passwords as well as encouraging CardSpace adoption. However, this scheme does not work with sites using HTTPS, seriously limiting its practicality. In this paper we extend PassCard to support sites using both HTTP and HTTPS. Usernames and passwords are stored in CardSpace personal cards, and these cards can be used to sign on transparently to corresponding websites. PassCard does not require any changes to login servers, default browser security settings or to the CardSpace identity selector; in particular, it does not require websites to support CardSpace. PassCard operates with both the CardSpace and the Higgins identity selectors without any modification. We describe how this new version of PassCard operates, and give security and usability analyses.
Original languageEnglish
Title of host publicationProceedings of the 4th International Conference on Security of Information and Networks, SIN 2011, Sydney, NSW, Australia, November 14-19, 2011
EditorsM A Orgun, A Elci, O B Makarevich, S A Huss, J Pieprzyk, L K Babenko, A G Chefranov, R Shankaran
Place of PublicationNew York
PublisherACM
Pages235-238
Number of pages4
DOIs
Publication statusPublished - 2011
Event4th International Conference on Security of Information and Networks (SIN 2011) - Sydney, Australia
Duration: 14 Nov 201119 Nov 2011

Conference

Conference4th International Conference on Security of Information and Networks (SIN 2011)
CountryAustralia
CitySydney
Period14/11/1119/11/11
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.

ID: 3649556