Account Management Method with Blind Signature Scheme
Reducing the risk of information leaks is one of
the most important functions of identity management systems. To
achieve this purpose, Dey et al. have already proposed an account
management method for a federated login system using a blind
signature scheme. In order to ensure account anonymity for the
authentication provider, referred to as an IDP (identity provider),
a blind signature scheme is utilized to generate an authentication
token on an authentication service and the token is sent to an IDP.
However, there is a problem with the proposed system. Malicious
users can establish multiple accounts on an IDP by requesting such
accounts. As a measure to solve this problem, in this paper, the
authors propose an account checking method that is performed before
account generation.
[1] Security Assertion Markup Language (SAML) V2.0, OASIS (2005),
http://www.oasis-open.org/specs/index.php#samlv2.0
[2] OpenID Authentication 2.0 - Final, OpenID Foundation (2007),
http://openid.net/specs/openid-authentication-2_0.txt
[3] Arkajit Dey and Stephen Weis, "PseudoID: Enhancing Privacy in Federated
Login," Proc. 3rd Hot Topics in Privacy Enhancing Technologies
(HotPETs 2010), pp. 95-107 (2010).
[4] David Chaum, "Blind signatures for untraceable payments," CRYPTO,
pp.199-203 (1982).
[5] Whitfield Diffie and Martin E. Hellman, "New directions in cryptography,"
Trans. on Information Theory, IEEE, Vol. 22, Issue 6, pp. 644-654
(1976).
@article{"International Journal of Information, Control and Computer Sciences:51787", author = "Ryu Watanabe and Yutaka Miyake", title = "Account Management Method with Blind Signature Scheme", abstract = "Reducing the risk of information leaks is one of
the most important functions of identity management systems. To
achieve this purpose, Dey et al. have already proposed an account
management method for a federated login system using a blind
signature scheme. In order to ensure account anonymity for the
authentication provider, referred to as an IDP (identity provider),
a blind signature scheme is utilized to generate an authentication
token on an authentication service and the token is sent to an IDP.
However, there is a problem with the proposed system. Malicious
users can establish multiple accounts on an IDP by requesting such
accounts. As a measure to solve this problem, in this paper, the
authors propose an account checking method that is performed before
account generation.", keywords = "identity management, blind signature, privacy protection", volume = "5", number = "11", pages = "1229-5", }