A Taxonomy of Single Sign-On Systems
TLDR
A taxonomy of SSO approaches is presented, and placing some of the SSO schemes, services and products into that context enables decisions about the design and selection of future approaches to SSO to be made within a more structured context and reveals some important differences in the security properties that can be provided by various approaches.
A New RFID Privacy Model
TLDR
This paper proposes a new RFID privacy model based on the notion of indistinguishability and that does not suffer from the identified drawbacks, and demonstrates the easy applicability of the model by applying it to multiple existing RFID protocols.
Impostor: a single sign-on system for use from untrusted devices
TLDR
The design of an SSO system that is based on a trusted proxy, and that is suitable for use from an untrusted network access device is presented, resulting in a system that works with common Web browsers.
The Extensible Authentication Protocol-Internet Key Exchange Protocol version 2 (EAP-IKEv2) Method
TLDR
EAP-IKEv2 has successfully passed Designated Expert Review as mandated by RFC 3748, and provides support for cryptographic ciphersuite negotiation, hash function agility, identity confidentiality, fragmentation, and an optional "fast reconnect" mode.
Single Sign-On Using Trusted Platforms
TLDR
This paper describes a method by which the end-user’s computing platform itself plays the role of the ASP, and the platform has to be a Trusted Platform conforming to the Trusted Computing Platform Alliance (TCPA) specifications.
Relations Among Privacy Notions
TLDR
The underlying definitions, which are based on the idea of indistinguishability between two worlds, provide new insights into the relation between, and the fundamental structure of, different privacy notions.
Relations among privacy notions
TLDR
A hierarchy of privacy notions that covers multiple anonymity and unlinkability variants is presented, based on the idea of indistinguishability between two worlds, which provides new insights into the relation between, and the fundamental structure of, different privacy notions.
Linking Anonymous Transactions: The Consistent View Attack
TLDR
A particular attack that may be launched by cooperating organisations in order to link the transactions and the pseudonyms of the users of an anonymous credential system is analysed, and the results of the analysis are both positive and negative.
Using EMV Cards for Single Sign-On
TLDR
An SSO scheme where user authentication is based on payment cards conforming to the EMV industry standard is proposed, which does not require online card issuer participation, preserves user mobility and does not put user's financial data at risk.
Attacking Unlinkability: The Importance of Context
TLDR
A new metric is introduced that enables one to quantify the (un)linkability of the data items and, based on this, the effect of some simple contextual hints is considered.