{"title":"使用移动电话的联邦身份验证机制-与OpenID的协作","authors":"R. Watanabe, Toshiaki Tanaka","doi":"10.1109/ITNG.2009.111","DOIUrl":null,"url":null,"abstract":"OpenID authentication is a method to provide a single sign-on (SSO) service among Internet service sites. OpenID has been widely adopted by blog sites because of its usability and ease of implementation. However, the assurance of the ID in OpenID authentication is a concern because currently anyone can hold accounts on an OpenID provider (OP) simply by sending a registration mail and OPs usually do not check to confirm the real identity of their applicants. In contrast, a telephone company checks the identity of their mobile service users before a contract is completed by referring to such credentials as a driver’s license or passport. Therefore, on a cellular phone, the ID, such as subscriber ID, is assured by the contract process and telephone companies can trace the user’s identity through the ID. In this paper, we propose a federation authentication scheme between Open ID and a cellular phone in order to assure the ID of the OpenID. In addition, by using the cellular phone at user authentication for each service use, secure authentication is also provided.","PeriodicalId":347761,"journal":{"name":"2009 Sixth International Conference on Information Technology: New Generations","volume":"21 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2009-04-27","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"16","resultStr":"{\"title\":\"Federated Authentication Mechanism using Cellular Phone - Collaboration with OpenID\",\"authors\":\"R. Watanabe, Toshiaki Tanaka\",\"doi\":\"10.1109/ITNG.2009.111\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"OpenID authentication is a method to provide a single sign-on (SSO) service among Internet service sites. OpenID has been widely adopted by blog sites because of its usability and ease of implementation. However, the assurance of the ID in OpenID authentication is a concern because currently anyone can hold accounts on an OpenID provider (OP) simply by sending a registration mail and OPs usually do not check to confirm the real identity of their applicants. In contrast, a telephone company checks the identity of their mobile service users before a contract is completed by referring to such credentials as a driver’s license or passport. Therefore, on a cellular phone, the ID, such as subscriber ID, is assured by the contract process and telephone companies can trace the user’s identity through the ID. In this paper, we propose a federation authentication scheme between Open ID and a cellular phone in order to assure the ID of the OpenID. In addition, by using the cellular phone at user authentication for each service use, secure authentication is also provided.\",\"PeriodicalId\":347761,\"journal\":{\"name\":\"2009 Sixth International Conference on Information Technology: New Generations\",\"volume\":\"21 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2009-04-27\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"16\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2009 Sixth International Conference on Information Technology: New Generations\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ITNG.2009.111\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2009 Sixth International Conference on Information Technology: New Generations","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ITNG.2009.111","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Federated Authentication Mechanism using Cellular Phone - Collaboration with OpenID
OpenID authentication is a method to provide a single sign-on (SSO) service among Internet service sites. OpenID has been widely adopted by blog sites because of its usability and ease of implementation. However, the assurance of the ID in OpenID authentication is a concern because currently anyone can hold accounts on an OpenID provider (OP) simply by sending a registration mail and OPs usually do not check to confirm the real identity of their applicants. In contrast, a telephone company checks the identity of their mobile service users before a contract is completed by referring to such credentials as a driver’s license or passport. Therefore, on a cellular phone, the ID, such as subscriber ID, is assured by the contract process and telephone companies can trace the user’s identity through the ID. In this paper, we propose a federation authentication scheme between Open ID and a cellular phone in order to assure the ID of the OpenID. In addition, by using the cellular phone at user authentication for each service use, secure authentication is also provided.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
