CardSpace in the Clouds

Issue/Topic: CardSpace in the Clouds

Convener: David Chadwick

Session: 4A

Conference: IIW-Europe October 11, London Complete Notes Page

Notes-taker(s): David Chadwick

Tags for the session - technology discussed/ideas considered:

Discussion notes, key understandings, outstanding questions, observations, and, if appropriate to this discussion: action items, next steps:

CardSpace in the Clouds is a privacy preserving attribute aggregation scheme that gives a user full control over the partial release of his attributes to service providers. The service provider receives signed assertions from each attribute authority attesting that the user of the current session does indeed possess this set of attributes. The user can choose which attributes to release by clicking on multiple cards. Each card will typically contain only one attribute e.g. visa card holder, or address, or age, or club membership etc. (or a small set of highly related attributes such as degree, classification and subject). The interface is highly intuitive and based on the existing CardSpace interface, with the addition that multiple cards can be selected.

The system provides the user with full mobility and multi-device use since the card selector lives "in the cloud" (as opposed to the current CardSpace system where the selector lives in the browser).

The system provides a simple to use alternative to U-Prove and Idemix, as it is based on existing technologies (SAML assertions and Liberty Alliance EPRs).

Attachments

i)

ii)

-- David W. Chadwick, BSc PhD Professor of Information Systems Security School of Computing, University of Kent, Canterbury, CT2 7NF Skype Name: davidwchadwick Tel: +44 1227 82 3221 Fax +44 1227 762 811 Mobile: +44 77 96 44 7184 Email: D.W.Chadwick@kent.ac.uk Home Page: http://www.cs.kent.ac.uk/people/staff/dwc8/index.html