Whilst the growing number of identity management systems have the potential to reduce the threat of identity attacks, major deployment problems remain because of the lack of interoperability between such systems. In this paper we propose a novel scheme to provide interoperability between two of the most widely discussed identity management systems, namely Microsoft CardSpace and Liberty. In this scheme, CardSpace users are able to obtain an assertion token from a Liberty-enabled identity provider that will satisfy the security requirements of a CardSpace-enabled relying party. We specify the operation of the integration scheme and also describe an implementation of a proof-of-concept prototype. Additionally, security and operational analyses are provided. Categories and Subject Descriptors K.6.5 [Management of Computing and Information Systems]: Security and protection General Terms Security Keywords Identity Management, CardSpace, Liberty Alliance Project, Interoperability, SAML, Bro...
Haitham S. Al-Sinani, Waleed A. Alrodhan, Chris J.