Software // Operating Systems
News
8/3/2010
01:35 PM
Connect Directly
Google+
LinkedIn
Twitter
RSS
E-Mail
50%
50%

Google Researchers Outline Pseudonym Sign-On

Privacy worries about single sign-on identity providers could fade if Google's PseudoID system gets implemented.

Google researchers have proposed a way to prevent online identity providers from amassing information about Internet users that could harm user privacy if exposed.

In a paper presented last month at the 10th Privacy Enhancing Technologies Symposium in Berlin, Germany, Google associate product manager intern Arkajit Dey and software engineer Stephen Weis describe a system called PseudoID that uses blind cryptographic signatures to generate a pseudonym to log into Web sites through a federated identity system without revealing the user’s identity.

Single sign-on (SSO) identity systems for the Internet rely either on a centralized identity provider (Windows ID or Facebook Connect) or on a federation of identity providers (OpenID).

Web sites that participate in these systems become what’s know as relaying parties, because they relay logins to the identity provider for authentication.

The problem with both centralized and federated SSO systems, observe Dey and Weis, is that all user logins to relaying parties’ Web sites pass through an identity provider. This presents a potential privacy risk.

"A user's identity provider can easily link together the various Web sites that the user visits," the researchers state in their paper.

Were the identity provider to be breached or compelled through legal process to reveal this information, the entirety of users’ Web histories could be disclosed.

PseudoID, which is backwards compatible with OpenID, addresses this risk by preventing SSO credentials from being linked to user accounts on relaying party’s Web sites.

Through a cryptographic mechanism known as a blind signature, a user is able to present pseudonymous login credentials -- a token -- to an identity provider so that the user can be authenticated but not identified.

"The identity provider relies on the blindly signed tokens to be able to authenticate users without forcing them to reveal their identity," the paper explains. "When a user is redirected to her identity provider by a relying party, the provider checks whether the user has an access token that has been signed by the blind signer."

The PseudoID source code has been made available on Google Code and the researchers have set up a prototype identity provider that uses blind signatures at pseudoid.net.

A Google spokesperson didn’t immediately respond to a request to comment on whether the company had any plans to implement the PseudoID system.

Comment  | 
Print  | 
More Insights
Register for InformationWeek Newsletters
White Papers
Current Issue
InformationWeek Tech Digest - July 22, 2014
Sophisticated attacks demand real-time risk management and continuous monitoring. Here's how federal agencies are meeting that challenge.
Flash Poll
Video
Slideshows
Twitter Feed
InformationWeek Radio
Archived InformationWeek Radio
A UBM Tech Radio episode on the changing economics of Flash storage used in data tiering -- sponsored by Dell.
Live Streaming Video
Everything You've Been Told About Mobility Is Wrong
Attend this video symposium with Sean Wisdom, Global Director of Mobility Solutions, and learn about how you can harness powerful new products to mobilize your business potential.