Abstract
The question was, where have all the protocols gone? One answer, at least where authentication protocols might go, is what’s called federated identity management protocols.
This is a fairly vague term, and essentially I mean protocols like Microsoft Passport and the Liberty Alliance protocols. I have in the paper a complete protocol proposal which I think is better than those ones, called BBAE.
You want to look at privacy, security, and access control points, and analyse these protocols, but they have quite a lot of limits. They contain useful things like operations security, browsers and passwords, and operating systems. And from the privacy point of view, you can actually have very good privacy with them for the typical case where there’s no certification. If you want them together with the certifier, that can’t be done without something that makes credentials, and as I said these sorts of problems raise analysis challenges.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2005 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Pfitzmann, B. (2005). Federated Identity-Management Protocols. In: Christianson, B., Crispo, B., Malcolm, J.A., Roe, M. (eds) Security Protocols. Security Protocols 2003. Lecture Notes in Computer Science, vol 3364. Springer, Berlin, Heidelberg. https://doi.org/10.1007/11542322_21
Download citation
DOI: https://doi.org/10.1007/11542322_21
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-540-28389-8
Online ISBN: 978-3-540-31836-1
eBook Packages: Computer ScienceComputer Science (R0)