Security and Privacy Risks of Using E-mail Address as an Identity

S
SOCIALCOM
2010
2010 IEEE Second International Conference on Social Computing
Abstract - Security and Privacy Risks of Using E-mail Address as an Identity

	This Article
	Subscribers, please Login Purchase article: $19 PDF RSS feed
	Share
	Email this Article to a friend
	Bibliographic References
	ASCII Text BibTex RefWorks Procite/RefMan
	Add to:
	Digg Furl Spurl Blink Simpy Google Del.icio.us Y!MyWeb
	Search
	Similar Articles Articles by Lei Jin Articles by Hassan Takabi Articles by James B.D. Joshi

2010 IEEE Second International Conference on Social Computing

Minneapolis, Minnesota, USA

August 20-August 22

ISBN: 978-0-7695-4211-9

	ASCII Text	x
	Lei Jin, Hassan Takabi, James B.D. Joshi, "Security and Privacy Risks of Using E-mail Address as an Identity," Social Computing / IEEE International Conference on Privacy, Security, Risk and Trust, 2010 IEEE International Conference on, pp. 906-913, 2010 IEEE Second International Conference on Social Computing, 2010.

	BibTex	x
	@article{ 10.1109/SocialCom.2010.134, author = {Lei Jin and Hassan Takabi and James B.D. Joshi}, title = {Security and Privacy Risks of Using E-mail Address as an Identity}, journal ={Social Computing / IEEE International Conference on Privacy, Security, Risk and Trust, 2010 IEEE International Conference on}, volume = {0}, year = {2010}, isbn = {978-0-7695-4211-9}, pages = {906-913}, doi = {http://doi.ieeecomputersociety.org/10.1109/SocialCom.2010.134}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, }

	RefWorks Procite/RefMan/Endnote	x
	TY - CONF JO - Social Computing / IEEE International Conference on Privacy, Security, Risk and Trust, 2010 IEEE International Conference on TI - Security and Privacy Risks of Using E-mail Address as an Identity SN - 978-0-7695-4211-9 SP906 EP913 A1 - Lei Jin, A1 - Hassan Takabi, A1 - James B.D. Joshi, PY - 2010 KW - e-mail address identity KW - authentication KW - security VL - 0 JA - Social Computing / IEEE International Conference on Privacy, Security, Risk and Trust, 2010 IEEE International Conference on ER -

Lei Jin

Hassan Takabi

James B.D. Joshi

DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SocialCom.2010.134

More and more websites are allowing or requiring users to input their e-mail addresses to be used either as identities or for other purposes. Although username-based identity and password problems resulting from user behaviors have been a research focus for quite some time, the serious issues related to using e-mail address as an identity and the associated online behaviors of users have not been well investigated in the literature. In this paper, we discuss and analyze security and privacy problems resulting from the use of e-mail address as identity via well-designed user behavior survey and by investigating website’s design schemes. Our results illustrate that using e-mail address as an identity poses high security and privacy risks. This is mainly because of the multiple usages of e-mail addresses and users’ improper online habits. Moreover, we discuss the drawbacks of existing solutions for e-mail address as identity and related password problems, and present two potential solutions that may secure online identity management systems in future.

Index Terms:

e-mail address identity, authentication, security

Citation:

Lei Jin, Hassan Takabi, James B.D. Joshi, "Security and Privacy Risks of Using E-mail Address as an Identity," socialcom, pp.906-913, 2010 IEEE Second International Conference on Social Computing, 2010

Peer Review Notice | Give Us Feedback

Usage of this product signifies your acceptance of the Terms of Use.