Abstract: Reducing the risk of information leaks is one of
the most important functions of identity management systems. To
achieve this purpose, Dey et al. have already proposed an account
management method for a federated login system using a blind
signature scheme. In order to ensure account anonymity for the
authentication provider, referred to as an IDP (identity provider),
a blind signature scheme is utilized to generate an authentication
token on an authentication service and the token is sent to an IDP.
However, there is a problem with the proposed system. Malicious
users can establish multiple accounts on an IDP by requesting such
accounts. As a measure to solve this problem, in this paper, the
authors propose an account checking method that is performed before
account generation.