Towards a Context-Aware WebID Certificate Creation Taking Individual Conditions and Trust Needs into Account

International Conference on Information Integration and Web-based Applications & Services Pub Date : 2013-12-02 DOI:10.1145/2539150.2539185

Stefan Wild, M. Ast, M. Gaedke

{"title":"Towards a Context-Aware WebID Certificate Creation Taking Individual Conditions and Trust Needs into Account","authors":"Stefan Wild, M. Ast, M. Gaedke","doi":"10.1145/2539150.2539185","DOIUrl":null,"url":null,"abstract":"WebID is a new development of the W3C. As a universal identification mechanism, WebID enables users to authenticate through client certificates instead of username/password pairs. For creating such WebID certificates, there are different ways available. Each is characterized by several aspects that become important depending on a user's individual conditions and trust needs. Users must carefully consider these aspects on their own to find the most appropriate way for them. There is a risk that inexperienced users make wrong considerations, which affect their security and privacy. In this work, we propose an approach towards a context-aware WebID certificate creation taking individual conditions and trust needs into account. As a proof of concept, we apply the SWAC framework that facilitates JavaScript-based generation of WebID certificates on both client and server. We evaluate our approach and available methods including HTML5 keygen and native implementations using different devices and Web browsers.","PeriodicalId":424918,"journal":{"name":"International Conference on Information Integration and Web-based Applications & Services","volume":"8 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2013-12-02","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"4","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"International Conference on Information Integration and Web-based Applications & Services","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1145/2539150.2539185","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 4

Abstract

WebID is a new development of the W3C. As a universal identification mechanism, WebID enables users to authenticate through client certificates instead of username/password pairs. For creating such WebID certificates, there are different ways available. Each is characterized by several aspects that become important depending on a user's individual conditions and trust needs. Users must carefully consider these aspects on their own to find the most appropriate way for them. There is a risk that inexperienced users make wrong considerations, which affect their security and privacy. In this work, we propose an approach towards a context-aware WebID certificate creation taking individual conditions and trust needs into account. As a proof of concept, we apply the SWAC framework that facilitates JavaScript-based generation of WebID certificates on both client and server. We evaluate our approach and available methods including HTML5 keygen and native implementations using different devices and Web browsers.

查看原文本刊更多论文

考虑到个人条件和信任需求的上下文感知的web证书创建

webbid是W3C的新发展。WebID是一种通用的身份识别机制，它允许用户通过客户端证书而不是用户名/密码对进行身份验证。要创建这样的WebID证书，有不同的方法可用。每一个都有几个方面的特点，这些方面根据用户的个人条件和信任需求变得重要。用户必须自己仔细考虑这些方面，以找到最适合自己的方式。缺乏经验的用户可能会做出错误的考虑，从而影响他们的安全和隐私。在这项工作中，我们提出了一种考虑个人条件和信任需求的上下文感知web证书创建方法。作为概念验证，我们应用了SWAC框架，该框架促进了基于javascript的web证书在客户端和服务器上的生成。我们评估了我们的方法和可用的方法，包括HTML5 keygen和使用不同设备和Web浏览器的本地实现。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

International Conference on Information Integration and Web-based Applications & Services

自引率

0.00%

发文量