Ginés Dólera Tormo, Félix Gómez Mármol, Gregorio Martínez Pérez
Computer Standards & Interfaces, Special Issue on Secure Mobility in Future Communication Systems under Standardization, vol. 36, no. 3, pp. 438-453
Publication year: 2014

Abstract

OpenID is an open standard providing a decentralized authentication mechanism to end users. It is based on a unique URL (Uniform Resource Locator) or XRI (Extensible Resource Identifier) as identifier of the user. This fact of using a single identifier confers this approach an interesting added-value when users want to get access to different services in the Internet, since users do not need to create a new account on every website they are visiting. However, OpenID providers are normally used as a point to store certain personal attributes of the end users too, which might be of interest for any service provider willing to make profit from collecting that personal information. The definition of a reputation management solution integrated as part of the OpenID protocol can help users to determine whether a given service provider is more or less reliable before interacting with it and transferring their private information. This paper is providing the definition of a reputation framework that can be applied to the OpenID SSO (Single Sign-On) standard solution. It also defines how the protocol itself can be enhanced so OpenID providers can collect (and provide) recommendations from (to) users regarding different service providers and thus enhancing the users’ experience when using OpenID. Besides the definition, a set of tests has been performed validating the feasibility of the framework.

Related Publications


ROMEO: ReputatiOn Model Enhancing OpenID Simulator

Conference
Ginés Dólera Tormo, Félix Gómez Mármol, Gregorio Martínez Pérez
19th European Symposium on Research in Computer Security (ESORICS), Security & Trust Management Workshop (STM), LNCS 8743, pp. 193-197, Wroclaw, Poland
Publication year: 2014

To federate or not to federate: A reputation-based mechanism to dynamize cooperation in identity management infrastructures

JournalQ4
Patricia Arias Cabarcos, Florina Almenárez, Félix Gómez Mármol, Andrés Marín
Wireless Personal Communications, Special Issue on Advances in Trust, Security and Privacy for Wireless Communication Networks, vol. 75, no. 3, pp. 1769-1786
Publication year: 2014

Co-Authors

This work would not have been possible without the inestimable contribution of:

  • Ginés Dólera Tormo
  • Gregorio Martínez Pérez
Ginés Dólera Tormo

Ginés Dólera Tormo

NEC Laboratories Europe

Web
Gregorio Martínez Pérez

Gregorio Martínez Pérez

University of Murcia

Web

Citation

Ginés Dólera Tormo, Félix Gómez Mármol, Gregorio Martínez Pérez, «Towards the integration of reputation management in OpenID«, Computer Standards & Interfaces, Special Issue on Secure Mobility in Future Communication Systems under Standardization, vol. 36, no. 3, pp. 438-453, 2014

Journal Ranking & Impact Factor