About cookies on this site Our websites require some cookies to function properly (required). In addition, other cookies may be used with your consent to analyze site usage, improve the user experience and for advertising. For more information, please review your options. By visiting our website, you agree to our processing of information as described in IBM’sprivacy statement. To provide a smooth navigation, your cookie preferences will be shared across the IBM web domains listed here.
Publication
WPES 2002
Conference paper
Privacy in browser-based attribute exchange
Abstract
Browser-based attribute-exchange protocols enable users of normal web browsers to conveniently send attributes, such as authentication or demographic data, to web sites. Such protocols might become very common and almost mandatory in general consumer scenarios over the next few years. We derive the privacy requirements on such protocols from general privacy principles and study their consequences for the protocol design. We also survey to what extent proposals like Microsoft's Passport, IBM's e-Community Single Signon, SAML, Shibboleth, the Liberty Alliance specifications and a protocol BBAE of our own conform to these design consequences, and how one could go forward.