Issue No.05 - Sept.-Oct. (2012 vol.10)
pp: 82-85
Bart den Haak, Backbase
ABSTRACT
The integration of user customization with authentication follows four patterns. The local-user pattern tightly couples user authentication and customization. The external-user pattern loosely couples customization and authentication so that the customization module relies on the external authentication provider to authenticate users and return their unique identifiers. The local- + external-user pattern tightly couples customization to a local user account, but that account can be connected to multiple external authentication providers. Finally, the masked-external-user pattern requires extra effort to protect sensitive information about users' identity.
INDEX TERMS
Authentication, User centered design, Computer security, Open systems, Pattern recognition, computer security, user customization, authentication, privacy, local-user pattern, external-user pattern, local- + external-user pattern, masked-external-user pattern, OpenID, OAuth
CITATION
Željko Obrenović, Bart den Haak, "Integrating User Customization and Authentication: The Identity Crisis", IEEE Security & Privacy, vol.10, no. 5, pp. 82-85, Sept.-Oct. 2012, doi:10.1109/MSP.2012.119