Sciweavers

DIM
2007
ACM

Implementing identity provider on mobile phone

14 years 4 months ago
Implementing identity provider on mobile phone
We have implemented an identity provider (IdP), which is defined by the Liberty Alliance on a mobile phone. We propose an authentication method, which uses this personal IdP as a security token to prevent password leakage. In our method, the personal IdP on a mobile phone issues a security assertion signed by a private key on a Universal Subscriber Identifier Module (USIM). There are some authentication solutions that require special hardware tokens to prevent password leakage incidents, but their disadvantage is a higher distribution cost. In our method, there is no need for distribution of special hardware tokens because mobile phones are widespread personal devices. There are other authentication methods that use mobile phone terminals, but our method has the advantage that there is no need for installation of special software on PCs. In addition, users are able to carry out single sign-on (SSO) with our method by using the Liberty Alliance architecture. Compared with ordinary SSO ...
Tsuyoshi Abe, Hiroki Itoh, Kenji Takahashi
Added 14 Aug 2010
Updated 14 Aug 2010
Type Conference
Year 2007
Where DIM
Authors Tsuyoshi Abe, Hiroki Itoh, Kenji Takahashi
Comments (0)