TLS-Federation – a Secure and Relying-Party-Friendly Approach for Federated Identity Management
BIOSIG 2008: Biometrics and Electronic Signatures
Regular Research Papers
Gesellschaft für Informatik e. V.
Federated Single Sign-On using web browsers as User Agents is becoming increasingly important. However, current proposals require substantial changes to the implementation of the Relying Party, and concentrate on functionality rather than on security against real-world attacks such as Cross-Site Scripting (XSS) and Pharming. We therefore propose a different approach based on Transport Layer Security (TLS), which is implemented in every web browser and web server, and which is immune to all currently known attacks.