Research On Federated Identity Authentication Using Blind Signatures

Posted on:2019-10-23

Degree:Master

Type:Thesis

Country:China

Candidate:X Lin

Full Text:PDF

GTID:2428330596966409

Subject:Computer Science and Technology

Abstract/Summary:

PDF Full Text Request

Federated identity authentication is a mainstream authentication mode at the present stage.It minimizes the overhead of an application to verify their user's identity while also improving the user experience.While protocols like OAuth and OpenID allow users to login application with a federated identity authentication,such federated login can leak privacy-sensitive profile information,making the user's online activity more easily tracked.In view of the above security issues,this paper proposes a Blind Signature-based Federated Identity Authentication Framework(BS-FIA).The main research contents are as follows:(1)A blind signature-based federated identity authentication framework for the privacy protection in the existing OAuth protocol is proposed.BS-FIA addresses the privacy risk by interposing a privacy-preserving layer between the federated identity APIs and the third-party applications that consume them.Users can use the existing federated identity to log in to third-party applications anonymously through BS-FIA.(2)A federated identity authentication scheme based on-threshold blind signature to satisfy the anonymity of BS-FIA is proposed.In this scheme,the certificate producer in BS-FIA verifies the federated identity of user,and then produces a certificate using the-threshold blind signature scheme constructed in this paper to prove that the user's federated identity is valid.The certificate consumer verifies the certificate and generates a pseudonym for user to log into a third-party application.(3)A federated identity authentication scheme based on-threshold partially blind signature is proposed.This scheme provides abuse resistance by restricting the validity period of the certificate.It adds additional attributes in the unblinded part of the message,so that applications can learn these attributes and use them to provide appropriate content without learning the user's identity.We have implemented the prototype of BS-FIA and these two schemes.The experimental result shows that although BS-FIA spend more time than traditional OAuth authentication,it is feasible and practical.

Keywords/Search Tags:

Federated Identity Authentication, OAuth, Privacy Protection, Blind Signature

PDF Full Text Request

Related items

1	Secure And Distributed Self-sovereign Authentication Protocol With Privacy Protection
2	Research On Privacy Protection Of Identity Authentication Based On Block Chain
3	Self-Adaptive Anonymous Authentication From Attribute-based Signatures
4	Research On Privacy Protection Of User Identity And Sensing Data In Mobile Crowdsensing
5	Scheme For Health File Privacy Protection Based On Trusted Computing Technology
6	Research On Identity Privacy Protection In Mobile Networks
7	Research On Blockchain Identity Privacy And Data Privacy Protection Mechanism
8	Research On Anonymous Communication Models With Privacy Awareness
9	Research On Privacy Protection Schemes Based On Private Information Retrieval
10	Quantum Blind Signature Protocol Design And Its Application In Privacy Protection Of Personal Credit Checking