OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On

San-Tsai Sun ; Eric Pospisil ; Ildar Muslukhov ; Nuray Dindar ; Kirstie Hawkey ; Konstantin Beznosov

08 February 2011

Abstract: OpenID is an open and promising Web single sign-on solution; however, the interaction flows provided by OpenID are inconsistent and counter-intuitive, and vulnerable to phishing attacks. In this work, we investigated the challenges web users face when using OpenID for authentication, and designed a phishing-resistant, privacy-preserving browser add-on to provide a consistent and intuitive single sign-on user experience for the average web users.

Keyword(s): OpenID ; Web Single Sign-On ; Identity-Enabled Browser ; issnet

Published in: San-Tsai Sun, Eric Pospisil, Ildar Muslukhov, Nuray Dindar, Kirstie Hawkey, Konstantin Beznosov. OpenID-Enabled Browser: Towards Usable and Secure Web Single Sign-On. In Proceedings of the 29th International Conference Extended abstracts on Human Factors in Computing Systems (CHI '11), Vancouver, Canada, 2011.:

The record appears in these collections:
Refereed Conference Papers

 Record created 2011-02-08, last modified 2013-05-22

Transfer from CDS 0.99.7:
Download fulltext

Rate this document:

Rate this document:
(Not yet reviewed)