Security Investigation and Analysis of OpenID: Problems and Enhancements


Waleed A. Alrodhan and Alya I. Alqarni


Vol. 17  No. 10  pp. 198-211


OpenID is a widely used identity management system (IdMS) by which identity providers (IdPs) provide their users with 'open' identities that can be used to log in to particular relying parties (RPs). OpenID implements a single sign-on (SSO) solution that reduces the number of authentication credentials that are required. An SSO permits users to authenticate themselves to many service providers (SPs) by using one set of authentication credentials. OpenID is faster and easier than the traditional method, which requires the user to manage a large number of digital identities, since each SP only recognises the identity it has issued. Managing that many identities increases the security risk of identity theft and, at the same time, forms an obstacle with regard to user convenience. The aim of this paper is to analyse the security of OpenID by identifying its weaknesses and vulnerabilities using OWASP tools, and to enhance the current OpenID protocols by proposing a novel high-level integration model of OpenID and Higgins (an Information Card based IdMS).


OpenID, Higgins, Security, Identity, Privacy.