Integrating OAuth with Information Card Systems. / Al-Sinani, Haitham S.
Proceedings of IAS '11: 7th International Conference on Information Assurance and Security, Malacca, Malaysia, 5-8 December 2011. IEEE, 2011.Research output: Chapter in Book/Report/Conference proceeding › Conference contribution
Published
Documents
- Integrating OAuth with Information Card Systems
Accepted author manuscript, 114 KB, PDF document
Abstract
We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided.
| Original language | English |
|---|---|
| Title of host publication | Proceedings of IAS '11 |
| Subtitle of host publication | 7th International Conference on Information Assurance and Security, Malacca, Malaysia, 5-8 December 2011 |
| Publisher | IEEE |
| Publication status | Published - 2011 |
This open access research output is licenced under a Creative Commons Attribution-NonCommercial-NoDerivs 3.0 Unported License.
ID: 4319481