User-Centric Privacy for Identity Federations Based on a Recommendation System
Specifications such as SAML, OAuth, OpenID Connect and Mobile Connect are essential for solving identification, authentication and authorisation in contexts such as mobile apps, social networks, e-commerce, cloud computing or the Internet of Things. However, end-users relying on identity providers t...
Main Authors: | , |
---|---|
Format: | Article |
Language: | English |
Published: |
MDPI AG
2022-04-01
|
Series: | Electronics |
Subjects: | |
Online Access: | https://www.mdpi.com/2079-9292/11/8/1238 |
_version_ | 1797446709532426240 |
---|---|
author | Carlos Villarán Marta Beltrán |
author_facet | Carlos Villarán Marta Beltrán |
author_sort | Carlos Villarán |
collection | DOAJ |
description | Specifications such as SAML, OAuth, OpenID Connect and Mobile Connect are essential for solving identification, authentication and authorisation in contexts such as mobile apps, social networks, e-commerce, cloud computing or the Internet of Things. However, end-users relying on identity providers to access resources, applications or services lose control over the Personally Identifiable Information (PII) they share with the different providers composing identity federations. This work proposes a user-centric approach based on a recommendation system to support users in making privacy decisions such as selecting service providers or choosing their privacy settings. The proposed Privacy Advisor gives end-users privacy protection by providing personalised recommendations without compromising the identity federations’ functionalities or requiring any changes in their underlying specifications. A proof of concept of the proposed recommendation system is presented to validate and evaluate its utility and feasibility. |
first_indexed | 2024-03-09T13:44:28Z |
format | Article |
id | doaj.art-afadb22857904426aa422a08fa95a52e |
institution | Directory Open Access Journal |
issn | 2079-9292 |
language | English |
last_indexed | 2024-03-09T13:44:28Z |
publishDate | 2022-04-01 |
publisher | MDPI AG |
record_format | Article |
series | Electronics |
spelling | doaj.art-afadb22857904426aa422a08fa95a52e2023-11-30T21:02:14ZengMDPI AGElectronics2079-92922022-04-01118123810.3390/electronics11081238User-Centric Privacy for Identity Federations Based on a Recommendation SystemCarlos Villarán0Marta Beltrán1Department of Computing, ETSII, Universidad Rey Juan Carlos, c/Tulipan s/n, 28933 Mostoles, SpainDepartment of Computing, ETSII, Universidad Rey Juan Carlos, c/Tulipan s/n, 28933 Mostoles, SpainSpecifications such as SAML, OAuth, OpenID Connect and Mobile Connect are essential for solving identification, authentication and authorisation in contexts such as mobile apps, social networks, e-commerce, cloud computing or the Internet of Things. However, end-users relying on identity providers to access resources, applications or services lose control over the Personally Identifiable Information (PII) they share with the different providers composing identity federations. This work proposes a user-centric approach based on a recommendation system to support users in making privacy decisions such as selecting service providers or choosing their privacy settings. The proposed Privacy Advisor gives end-users privacy protection by providing personalised recommendations without compromising the identity federations’ functionalities or requiring any changes in their underlying specifications. A proof of concept of the proposed recommendation system is presented to validate and evaluate its utility and feasibility.https://www.mdpi.com/2079-9292/11/8/1238identity infrastructuresfederated identity managementprivacyrecommendation system |
spellingShingle | Carlos Villarán Marta Beltrán User-Centric Privacy for Identity Federations Based on a Recommendation System Electronics identity infrastructures federated identity management privacy recommendation system |
title | User-Centric Privacy for Identity Federations Based on a Recommendation System |
title_full | User-Centric Privacy for Identity Federations Based on a Recommendation System |
title_fullStr | User-Centric Privacy for Identity Federations Based on a Recommendation System |
title_full_unstemmed | User-Centric Privacy for Identity Federations Based on a Recommendation System |
title_short | User-Centric Privacy for Identity Federations Based on a Recommendation System |
title_sort | user centric privacy for identity federations based on a recommendation system |
topic | identity infrastructures federated identity management privacy recommendation system |
url | https://www.mdpi.com/2079-9292/11/8/1238 |
work_keys_str_mv | AT carlosvillaran usercentricprivacyforidentityfederationsbasedonarecommendationsystem AT martabeltran usercentricprivacyforidentityfederationsbasedonarecommendationsystem |