Home / Publications / Papers / [Paper] Why did Microsoft Passport fail, and how good is the CardSpace solution?

[Paper] Why did Microsoft Passport fail, and how good is the CardSpace solution?

Mohammed H. Almeshekah and Waleed A. Alrodhan
Proceedings of the 4th Saudi International Conference (SIC’10), Manchester, UK, 2010
Paper (full text)

ABSTRACT: Microsoft Passport was developed to be the Internet global identity management system (or IdMS). In its early days, it was adopted by many well-known organizations, such as eBay and PayPal; however, several security problems have emerged. Hence, these organizations started withdrawing from the Passport scheme. In 2005, Microsoft admitted the failure of Passport and started the development of a new IdMS called CardSpace. In this paper, we examine the security features of Passport and CardSpace, then we show how Microsoft managed to overcome most of Passport’s problems. Finally, we discuss the main security flaws in CardSpace and what Microsoft can do to improve it.

Check Also

[Paper] Back Channels Can be Useful! – Layering Authentication Channels to Provide Covert Communication

Mohammed H. Almeshekah, Mikhail J. Atallah and Eugene H. Spafford [Paper] SPW’13, in Security Protocols XXI (B. …

Leave a Reply

Your email address will not be published. Required fields are marked *