User-Centric Identity Management
Abstract The term “user-Centric identity management” is commonly used to denote any identity management solution that can improve the user experience compared to e.g. the traditional silo identity model. Identity federation can be described as user-centric in this sense because it can support SSO (single-sign-on), but identity federation can also be described as network-centric or cloud-based identity management because the technology that supports identity federation is actually located on the network side. Another interpretation of user-centric identity management is when the technology for user-side identity management is local on the user side. Interestingly such local user-centric models provide new possibilities for improved usability, strengthened security and privacy protection, for management of both user and service provider identities. This talk gives an overview of identity management models and provides an analysis of their strengths and vulnerabilities. Of particular interest are local user-centric models that so far have received little attention from the industry and research community.
Bio Prof. Audun Jøsang joined the University of Oslo Department of Informatics in 2008. Prior to that he was Associate Professor at QUT, research leader of the Security Unit at DSTC in Brisbane, worked in the telecommunications industry for Alcatel in Belgium and for Telenor in Norway. He was also Associate Professor at the Norwegian University of Science and Technology (NTNU). Prof. Jøsang holds a Master's in Information Security from Royal Holloway College, University of London, and a PhD from NTNU in Norway.