Sciweavers

DIM
2009
ACM

Privacy-aware identity management for client-side mashup applications

13 years 9 months ago
Privacy-aware identity management for client-side mashup applications
This paper concerns the problem of identity management in modern Web-2.0-based mashup applications. Identity management supports convenient access to information when mashups are used in sensitive environments, such an banking, investment and online shopping, by providing services such as single sign-on. We present Web2ID, a new identity management protocol tailored for mashup applications. Web2ID leverages a secure mashup framework and enables transfer of credentials between a service provider and a consumer. We also describe a new relay framework in which communication between two service providers is mediated by a relay agent within the mashup. We show that Web2ID is privacy-preserving and prevents service providers from learning a user’s surfing habits. We present an implementation of Web2ID and the relay framework using a JavaScript-based library that executes within the browser. Our implementation does not require client-side changes and is therefore fully compatible even wit...
Saman Zarandioon, Danfeng Yao, Vinod Ganapathy
Added 28 May 2010
Updated 28 May 2010
Type Conference
Year 2009
Where DIM
Authors Saman Zarandioon, Danfeng Yao, Vinod Ganapathy
Comments (0)