Al-Sinani, Haitham S. (2011) Integrating OAuth with Information Card Systems In: Proceedings of IAS '11. IEEE.
Full text access: Open
We propose a novel scheme to provide client-based interoperation between OAuth and an Information Card system such as CardSpace or Higgins. In this scheme, Information Card users are able to obtain a security token from an OAuth-enabled system, the contents of which can be processed by an Information Card-enabled relying party. The scheme, based on a browser extension, is transparent to OAuth providers and to identity selectors, and only requires minor changes to the operation of an Information Card-enabled relying party. We specify its operation and describe an implementation of a proof-of-concept prototype. Security and operational analyses are also provided.
This is a Submitted version This version's date is: 2011 This item is not peer reviewed
https://repository.royalholloway.ac.uk/items/c068204b-7f80-9274-4195-4c9fbb4e0f98/3/
Deposited by Research Information System (atira) on 20-Sep-2012 in Royal Holloway Research Online.Last modified on 20-Sep-2012