User-Centric Identity Management Architecture Using Credential-Holding Identity Agents

Daisuke Mashima (Georgia Institute of Technology, USA), David Bauer (Georgia Institute of Technology, USA), Mustaque Ahamad (Georgia Institute of Technology, USA) and Douglas M. Blough (Georgia Institute of Technology, USA)
DOI: 10.4018/978-1-61350-498-7.ch005

The pervasive use of digital identities in today’s cyberspace has led to an increasing interest in the area of identity management. Recently proposed user-centric identity management systems have achieved a higher level of user control over online identity credentials. However, while the lack of a central authority that governs the entire system requires users to be responsible for their own digital identity credentials, the existing user-centric identity management systems still have problems in terms of security, privacy, and system availability. In this chapter, we present an identity management architecture that addresses these problems. Our scheme relies on user-controlled identity agents. Identity agents realize fine-grained control over online identity disclosure by using a minimal-disclosure identity credential scheme and also improve users’ awareness of their credential usage via an identity-usage monitoring system that includes a real-time risk scoring mechanism. A proof-of-concept implementation is shown and evaluated in terms of security, user-centricity, and performance.
Chapter Preview

In this section, we start by reviewing issues and threats against existing user-centric identity management schemes. We first discuss some of the related work in the user-centric identity management area, and then identify the design goals that we pursue.
