%0 Conference Proceedings
%T Using CardSpace as a Password Manager
%+ Information Security Group, Royal Holloway
%A Al-Sinani, Haitham S.
%A Mitchell, Chris J.
%< avec comité de lecture
%( IFIP Advances in Information and Communication Technology
%B Second IFIP WG 11.6 Working Conference on Policies and Reseach Management (IDMAN)
%C Oslo, Norway
%Y Elisabeth Leeuw; Simone Fischer-Hübner; Lothar Fritsch
%I Springer
%3 Policies and Research in Identity Management
%V AICT-343
%P 18-30
%8 2010-11-18
%D 2010
%R 10.1007/978-3-642-17303-5_2
%Z Computer Science [cs]/Digital Libraries [cs.DL]Conference papers
%X In this paper we propose a novel scheme that allows Windows CardSpace to be used as a password manager, thereby improving the usability and security of password use as well as potentially encouraging CardSpace adoption. Usernames and passwords are stored in personal cards, and these cards can be used to sign on transparently to corresponding websites. The scheme does not require any changes to login servers or to the CardSpace identity selector and, in particular, it does not require websites to support CardSpace. We describe how the scheme operates, and give details of a proof-of-concept prototype. Security and usability analyses are also provided.
%G English
%2 https://inria.hal.science/hal-01054403/document
%2 https://inria.hal.science/hal-01054403/file/CardSpace_Password_Manager_28CPM_29_IDman2010_Final.pdf
%L hal-01054403
%U https://inria.hal.science/hal-01054403
%~ IFIP
%~ IFIP-AICT
%~ IFIP-AICT-343
%~ IFIP-TC
%~ IFIP-WG
%~ IFIP-TC11
%~ IFIP-WG11-6
%~ IFIP-IDMAN
%~ IFIP-2010