BibTeX Record for
'Smart OpenID: A Smart Card Based OpenID Protocol'
@INPROCEEDINGS{IFIPSEC12,
author = {Andreas Leicher and Andreas U. Schmidt and Yogendra Shah},
title = {Smart OpenID: A Smart Card Based OpenID Protocol},
booktitle = {Information Security and Privacy Research. 27th IFIP TC 11 Information
Security and Privacy Conference, SEC 2012, Heraklion, Crete, Greece,
June 4-6, 2012. Proceedings},
year = {2012},
editor = {Dimitris Gritzalis and Steven Furnell and Marianthi Theoharidou},
volume = {376},
series = {IFIP Advances in Information and Communication Technology},
pages = {75-86},
publisher = {Springer-Verlag},
abstract = {OpenID is a lightweight, easy to implement and deploy approach to
Single Sign-On (SSO) and Identity Management (IdM), and has great
potential for large scale user adoption especially for mobile applications.
At the same time, Mobile Network Operators are increasingly interested
in leveraging their existing infrastructure and assets for SSO and
IdM. In this paper, we present the concept of Smart OpenID, an enhancement
to OpenID which moves part of the OpenID authentication server functionality
to the smart card of the user's device. This seamless, OpenID-conformant
protocol allows for scaling security properties, and generally improves
the security of OpenID by avoiding the need to send user credentials
over the Internet and thus avoid phishing attacks. We also describe
our implementation of the Smart OpenID protocol based on an Android
phone, which interacts with OpenID-enabled web services.},
doi = {10.1007/978-3-642-30436-1_7},
isbn = {978-3-642-30435-4},
url = {http://link.springer.com/chapter/10.1007%2F978-3-642-30436-1_7}
}