A Secure and Dynamic Mobile Identity Wallet Authorization Architecture Based on a XMPP Messaging Infrastructure
A Secure and Dynamic Mobile Identity Wallet Authorization Architecture Based on a XMPP Messaging Infrastructure
Files
Date
2013
Authors
Alexandre Barbosa Augusto
Manuel Eduardo Correia
Journal Title
Journal ISSN
Volume Title
Publisher
Abstract
In this chapter, the authors propose and describe an identity management framework that allows users to asynchronously control and effectively share sensitive dynamic data, thus guaranteeing security and privacy in a simple and transparent way. Their approach is realised by a fully secure mobile identity digital wallet, running on mobile devices (Android devices), where users can exercise discretionary control over the access to sensitive dynamic attributes, disclosing their value only to pre-authenticated and authorised users for determined periods of time. For that, the authors rely on an adaptation of the OAuth protocol to authorise and secure the disclosure of personal-private user data by the usage of token exchange and new XML Schemas to establish secure authorisation and disclosure of a set of supported dynamic data types that are being maintained by the personal mobile digital wallet. The communication infrastructure is fully implemented over the XMPP instant messaging protocol and is completely compatible with the public XMPP large messaging infrastructures already deployed on the Internet for real time XML document interchange. Copyright (C) 2013, IGI Global. Copying or distributing in print or electronic forms without written permission of IGI Global is prohibited.