Abstract
Specifications such as SAML, OAuth, OpenID Connect and Mobile Connect are essential for solving identification, authentication and authorisation in contexts such as mobile apps, social networks, e-commerce, cloud computing or the Internet of Things. However, end-users relying on identity providers to access resources, applications or services lose control over the Personally Identifiable Information (PII) they share with the different providers composing identity federations. This work proposes a user-centric approach based on a recommendation system to support users in making privacy decisions such as selecting service providers or choosing their privacy settings. The proposed Privacy Advisor gives end-users privacy protection by providing personalised recommendations without compromising the identity federations’ functionalities or requiring any changes in their underlying specifications. A proof of concept of the proposed recommendation system is presented to validate and evaluate its utility and feasibility.
Subject
Electrical and Electronic Engineering,Computer Networks and Communications,Hardware and Architecture,Signal Processing,Control and Systems Engineering
Reference55 articles.
1. Putting the privacy paradox to the test: Online privacy and security behaviors among users with technical knowledge, privacy awareness, and financial resources
2. RFC 6749: The OAuth 2.0 Authorization Frameworkhttps://tools.ietf.org/html/rfc6749
3. OpenID Connect Core 1.0 Incorporating Errata Set 1https://openid.net/specs/openid-connect-core-1_0.html
4. Mobile Connecthttps://mobileconnect.io
Cited by
2 articles.
订阅此论文施引文献
订阅此论文施引文献,注册后可以免费订阅5篇论文的施引文献,订阅后可以查看论文全部施引文献
1. Participatory Design to Address Disclosure-Based Cyberbullying;Designing Interactive Systems Conference;2024-07
2. The Comparative Analysis of Technologies and Software for Single Sign-On;2023 19th International Asian School-Seminar on Optimization Problems of Complex Systems (OPCS);2023-08-14