Poster: OpenIDemail Enabled Browser, Towards Fixing the Broken Web Single Sign-On Triangle

San-Tsai Sun ; Kirstie Hawkey ; Konstantin Beznosov

28 June 2010

Abstract: Current Web single sign-on (SSO) solutions impose a cognitive burden on web users and do not provide content-hosting and service providers (CSPs) with sufficient incentives to become relying parties (RPs). We propose a browser-based Web SSO solution that requires minimal user interaction and provide RPs with clear value propositions to motivate their adoption. Our approach builds OpenID support into web browsers, hides OpenID identifiers from users by using their existing email accounts, extends the OpenID protocol to perform authentication directly by browsers, and introduces an OpenIDAuth HTTP access authentication scheme to convey authenticated identities automatically into websites that support OpenID for authentication. Based on our approach, web users authenticate with their existing email accounts/passwords directly within a browser. With the users' consent, their identities transparently flow into OpenID-enabled websites without additional log-on steps. Our approach embeds an intuitive and consistent login experience for web users in the browser and provides RPs with instant marketable leads and the potential for gradual engagement to motivate their adoption.

Keyword(s): Web 2.0 controlled sharing ; issnet

Published in: San-Tsai Sun, Kirstie Hawkey, and Konstantin Beznosov. Poster: Openidemail enabled browser, towards fixing the broken web single sign-on triangl. poster at the SOUPS 2009, July 13th 2010.:

The record appears in these collections:

 Record created 2010-06-28, last modified 2013-05-22

Transfer from CDS 0.99.7:
Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)