{"status":"ok","message-type":"work","message-version":"1.0.0","message":{"indexed":{"date-parts":[[2025,6,19]],"date-time":"2025-06-19T04:19:24Z","timestamp":1750306764895,"version":"3.41.0"},"publisher-location":"New York, NY, USA","reference-count":55,"publisher":"ACM","license":[{"start":{"date-parts":[[2013,11,8]],"date-time":"2013-11-08T00:00:00Z","timestamp":1383868800000},"content-version":"vor","delay-in-days":0,"URL":"https:\/\/www.acm.org\/publications\/policies\/copyright_policy#Background"}],"content-domain":{"domain":["dl.acm.org"],"crossmark-restriction":true},"short-container-title":[],"published-print":{"date-parts":[[2013,11,8]]},"DOI":"10.1145\/2517881.2517892","type":"proceedings-article","created":{"date-parts":[[2013,11,12]],"date-time":"2013-11-12T15:29:36Z","timestamp":1384270176000},"page":"85-96","update-policy":"https:\/\/doi.org\/10.1145\/crossmark-policy","source":"Crossref","is-referenced-by-count":1,"title":["Options for integrating eID and SAML"],"prefix":"10.1145","author":[{"given":"Detlef","family":"H\u00fchnlein","sequence":"first","affiliation":[{"name":"ecsec GmbH, Michelau, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"J\u00f6rg","family":"Schwenk","sequence":"additional","affiliation":[{"name":"Ruhr-Universit\u00e4t Bochum, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Tobias","family":"Wich","sequence":"additional","affiliation":[{"name":"ecsec GmbH, Michelau, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Vladislav","family":"Mladenov","sequence":"additional","affiliation":[{"name":"Ruhr-Universit\u00e4t Bochum, Bochum, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Florian","family":"Feldmann","sequence":"additional","affiliation":[{"name":"Ruhr-Universit\u00e4t Bochum, Bochum, 
Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Andreas","family":"Mayer","sequence":"additional","affiliation":[{"name":"Adolf W\u00fcrth GmbH & Co. KG, K\u00fcnzelsau, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Johannes","family":"Schm\u00f6lz","sequence":"additional","affiliation":[{"name":"ecsec GmbH, Michelau, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Bud","family":"Bruegger","sequence":"additional","affiliation":[{"name":"Fraunhofer IAO, Stuttgart, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]},{"given":"Moritz","family":"Horsch","sequence":"additional","affiliation":[{"name":"Technische Universit\u00e4t Darmstadt, Darmstadt, Germany"}],"role":[{"role":"author","vocabulary":"crossref"}]}],"member":"320","published-online":{"date-parts":[[2013,11,8]]},"reference":[{"key":"e_1_3_2_1_1_1","volume-title":"Version 1.0","author":"Aarts Robert","year":"2003","unstructured":"Robert Aarts . Liberty Reverse HTTP Binding for SOAP Specification. Liberty Alliance Specification , Version 1.0 , 2003 . https:\/\/www.projectliberty.org\/liberty\/content\/download\/2008\/13941\/file\/liberty-paos-v1.0.pdf. Robert Aarts. Liberty Reverse HTTP Binding for SOAP Specification. Liberty Alliance Specification, Version 1.0, 2003. https:\/\/www.projectliberty.org\/liberty\/content\/download\/2008\/13941\/file\/liberty-paos-v1.0.pdf."},{"key":"e_1_3_2_1_2_1","volume-title":"Channel bindings for tls. Request For Comments -- RFC","author":"Altman J.","year":"2010","unstructured":"J. Altman , N. Williams , and L. Zhu . Channel bindings for tls. Request For Comments -- RFC 5929, July 2010 . http:\/\/www.ietf.org\/rfc\/rfc5929.txt. J. Altman, N. Williams, and L. Zhu. Channel bindings for tls. Request For Comments -- RFC 5929, July 2010. 
http:\/\/www.ietf.org\/rfc\/rfc5929.txt."},{"key":"e_1_3_2_1_3_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456396.1456397"},{"key":"e_1_3_2_1_4_1","volume-title":"Transport layer security (tls) channel ids. IETF Internet Draft (draft-balfanz-tls-channelid-00), expires 12.05.2013","author":"Balfanz D.","year":"2013","unstructured":"D. Balfanz and R. Hamilton . Transport layer security (tls) channel ids. IETF Internet Draft (draft-balfanz-tls-channelid-00), expires 12.05.2013 , 2013 . http:\/\/tools.ietf.org\/html\/draft-balfanz-tls-channelid-00. D. Balfanz and R. Hamilton. Transport layer security (tls) channel ids. IETF Internet Draft (draft-balfanz-tls-channelid-00), expires 12.05.2013, 2013. http:\/\/tools.ietf.org\/html\/draft-balfanz-tls-channelid-00."},{"key":"e_1_3_2_1_5_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-642-04474-8_3"},{"key":"e_1_3_2_1_6_1","volume-title":"Satish Thatte, and Dave Winer. Simple object access protocol (soap) 1.1. W3C Note: Simple Object Access Protocol (SOAP) 1.1","author":"Box Don","year":"2000","unstructured":"Don Box , David Ehnebuske , Gopal Kakivaya , Andrew Layman , Noah Mendelsohn , Henrik Frystyk Nielsen , Satish Thatte, and Dave Winer. Simple object access protocol (soap) 1.1. W3C Note: Simple Object Access Protocol (SOAP) 1.1 , May 2000 . http:\/\/www.w3.org\/TR\/2000\/NOTE-SOAP-20000508. Don Box, David Ehnebuske, Gopal Kakivaya, Andrew Layman, Noah Mendelsohn, Henrik Frystyk Nielsen, Satish Thatte, and Dave Winer. Simple object access protocol (soap) 1.1. W3C Note: Simple Object Access Protocol (SOAP) 1.1, May 2000. http:\/\/www.w3.org\/TR\/2000\/NOTE-SOAP-20000508."},{"key":"e_1_3_2_1_7_1","volume-title":"Proceedings of phBIOSIG 2008: Biometrics and Electronic Signatures","volume":"137","author":"Bruegger Bud P.","year":"2008","unstructured":"Bud P. Bruegger , Detlef H\u00fchnlein , and J\u00f6rg Schwenk . Tls-federation -- a secure and relying-party-friendly approach for federated identity management . 
In Proceedings of phBIOSIG 2008: Biometrics and Electronic Signatures , volume 137 of Lecture Notes in Informatics (LNI), pages 93--104. GI-Edition , 2008 . http:\/\/www.ecsec.de\/pub\/TLS-Federation.pdf. Bud P. Bruegger, Detlef H\u00fchnlein, and J\u00f6rg Schwenk. Tls-federation -- a secure and relying-party-friendly approach for federated identity management. In Proceedings of phBIOSIG 2008: Biometrics and Electronic Signatures, volume 137 of Lecture Notes in Informatics (LNI), pages 93--104. GI-Edition, 2008. http:\/\/www.ecsec.de\/pub\/TLS-Federation.pdf."},{"key":"e_1_3_2_1_8_1","volume-title":"Saml v2.0 channel binding extensions version 1.0. OASIS Working Draft 05, 22.08.2011","author":"Cantor Scott","year":"2011","unstructured":"Scott Cantor . Saml v2.0 channel binding extensions version 1.0. OASIS Working Draft 05, 22.08.2011 , 2011 . https:\/\/www.oasis-open.org\/committees\/download.php\/43302\/sstc-saml-channel-binding-ext-v1.0-wd05-diff.pdf. Scott Cantor. Saml v2.0 channel binding extensions version 1.0. OASIS Working Draft 05, 22.08.2011, 2011. https:\/\/www.oasis-open.org\/committees\/download.php\/43302\/sstc-saml-channel-binding-ext-v1.0-wd05-diff.pdf."},{"key":"e_1_3_2_1_9_1","volume-title":"Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Cantor Scott","year":"2005","unstructured":"Scott Cantor , Frederick Hirsch , John Kemp , Rob Philpott , and Eve Maler . Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasisopen.org\/security\/saml\/v2.0\/saml-bindings-2.0-os.pdf. Scott Cantor, Frederick Hirsch, John Kemp, Rob Philpott, and Eve Maler. Bindings for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. 
http:\/\/docs.oasisopen.org\/security\/saml\/v2.0\/saml-bindings-2.0-os.pdf."},{"key":"e_1_3_2_1_10_1","volume-title":"Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Cantor Scott","year":"2005","unstructured":"Scott Cantor , John Kemp , Rob Philpott , and Eve Maler . Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-core-2.0-os.pdf. Scott Cantor, John Kemp, Rob Philpott, and Eve Maler. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-core-2.0-os.pdf."},{"key":"e_1_3_2_1_11_1","volume-title":"Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Cantor Scott","year":"2005","unstructured":"Scott Cantor , John Kemp , Rob Philpott , and Eve Maler . Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-profiles-2.0-os.pdf. Scott Cantor, John Kemp, Rob Philpott, and Eve Maler. Profiles for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-profiles-2.0-os.pdf."},{"key":"e_1_3_2_1_12_1","volume-title":"Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Cantor Scott","year":"2005","unstructured":"Scott Cantor , Jahan Moreh , Rob Philpott , and Eve Maler . Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-metadata-2.0-os.pdf. Scott Cantor, Jahan Moreh, Rob Philpott, and Eve Maler. 
Metadata for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-metadata-2.0-os.pdf."},{"key":"e_1_3_2_1_13_1","volume-title":"Tls origin-bound certificates. IETF Internet Draft (draft-balfanz-tls-obc-01), expires 16.05.2012","author":"Balfanz Ed. D.","year":"2011","unstructured":"Ed. D. Balfanz , D. Smetters , M. Upadhyay , and A. Barth . Tls origin-bound certificates. IETF Internet Draft (draft-balfanz-tls-obc-01), expires 16.05.2012 , 2011 . http:\/\/tools.ietf.org\/id\/draft-balfanz-tls-obc-01.txt. Ed. D. Balfanz, D. Smetters, M. Upadhyay, and A. Barth. Tls origin-bound certificates. IETF Internet Draft (draft-balfanz-tls-obc-01), expires 16.05.2012, 2011. http:\/\/tools.ietf.org\/id\/draft-balfanz-tls-obc-01.txt."},{"key":"e_1_3_2_1_14_1","volume-title":"Web Cryptography API. W3C Working Draft","author":"Dahl David","year":"2013","unstructured":"David Dahl and Ryan Sleevi . Web Cryptography API. W3C Working Draft 8 January 2013 , 2013. http:\/\/www.w3.org\/TR\/WebCryptoAPI\/. David Dahl and Ryan Sleevi. Web Cryptography API. W3C Working Draft 8 January 2013, 2013. http:\/\/www.w3.org\/TR\/WebCryptoAPI\/."},{"key":"e_1_3_2_1_15_1","volume-title":"Generic aaa architecture. Request For Comments -- RFC","author":"de Laat C.","year":"2000","unstructured":"C. de Laat , G. Gross , L. Gommans , J. Vollbrecht , and D. Spence . Generic aaa architecture. Request For Comments -- RFC 2903, August 2000 . http:\/\/www.ietf.org\/rfc\/rfc2903.txt. C. de Laat, G. Gross, L. Gommans, J. Vollbrecht, and D. Spence. Generic aaa architecture. Request For Comments -- RFC 2903, August 2000. http:\/\/www.ietf.org\/rfc\/rfc2903.txt."},{"key":"e_1_3_2_1_16_1","volume-title":"The transport layer security (tls) protocol version 1.2. Request For Comments -- RFC","author":"Dierks T.","year":"2008","unstructured":"T. Dierks and E. Rescorla . The transport layer security (tls) protocol version 1.2. 
Request For Comments -- RFC 5246, August 2008 . http:\/\/www.ietf.org\/rfc\/rfc5246.txt. T. Dierks and E. Rescorla. The transport layer security (tls) protocol version 1.2. Request For Comments -- RFC 5246, August 2008. http:\/\/www.ietf.org\/rfc\/rfc5246.txt."},{"key":"e_1_3_2_1_17_1","first-page":"16","volume-title":"Proceedings of the 21st USENIX conference on Security symposium, Security'12","author":"Dietz Michael","year":"2012","unstructured":"Michael Dietz , Alexei Czeskis , Dirk Balfanz , and Dan S. Wallach . Origin-bound certificates: a fresh approach to strong client authentication for the web . In Proceedings of the 21st USENIX conference on Security symposium, Security'12 , pages 16 -- 16 . USENIX Association , 2012 . Michael Dietz, Alexei Czeskis, Dirk Balfanz, and Dan S. Wallach. Origin-bound certificates: a fresh approach to strong client authentication for the web. In Proceedings of the 21st USENIX conference on Security symposium, Security'12, pages 16--16. USENIX Association, 2012."},{"key":"e_1_3_2_1_18_1","volume-title":"Version 1.5, 30.11.2011","author":"Doujak Michael","year":"2011","unstructured":"Michael Doujak , Gerhard Hassenstein , Markus Limacher , Marcel Vinzens , Marc Zweiacker , Thomas Moretti , and Urs B\u00fcrge . SuisseID Specification -- Digital Certificates and Core Infrastructure Services. eCH-0113 , Version 1.5, 30.11.2011 , 2011 . http:\/\/www.ech.ch\/vechweb\/page?p=dossier&documentNumber=eCH-0113&documentVersion=1.50. Michael Doujak, Gerhard Hassenstein, Markus Limacher, Marcel Vinzens, Marc Zweiacker, Thomas Moretti, and Urs B\u00fcrge. SuisseID Specification -- Digital Certificates and Core Infrastructure Services. eCH-0113, Version 1.5, 30.11.2011, 2011. 
http:\/\/www.ech.ch\/vechweb\/page?p=dossier&documentNumber=eCH-0113&documentVersion=1.50."},{"key":"e_1_3_2_1_19_1","volume-title":"Proceedings of phBIOSIG 2009: Biometrics and Electronic Signatures","volume":"155","author":"Eichholz Jan","year":"2009","unstructured":"Jan Eichholz , Detlef H\u00fchnlein , and J\u00f6rg Schwenk . Samlizing the european citizen card . In Proceedings of phBIOSIG 2009: Biometrics and Electronic Signatures , volume 155 of Lecture Notes in Informatics (LNI), pages 105--117. GI-Edition , 2009 . http:\/\/www.ecsec.de\/pub\/SAMLizing-ECC.pdf. Jan Eichholz, Detlef H\u00fchnlein, and J\u00f6rg Schwenk. Samlizing the european citizen card. In Proceedings of phBIOSIG 2009: Biometrics and Electronic Signatures, volume 155 of Lecture Notes in Informatics (LNI), pages 105--117. GI-Edition, 2009. http:\/\/www.ecsec.de\/pub\/SAMLizing-ECC.pdf."},{"key":"e_1_3_2_1_20_1","volume-title":"D32.1, Version 0.1","author":"Anja Lehmann","year":"2013","unstructured":"Anja Lehmann et. al. Survey and Analysis of Existing eID and Credential Systems. FutureID Deliverable , D32.1, Version 0.1 , March 2013 . https:\/\/publicwiki-01.fraunhofer.de\/Future_ID\/images\/0\/05\/D32.1_v.0.1.pdf. Anja Lehmann et. al. Survey and Analysis of Existing eID and Credential Systems. FutureID Deliverable, D32.1, Version 0.1, March 2013. https:\/\/publicwiki-01.fraunhofer.de\/Future_ID\/images\/0\/05\/D32.1_v.0.1.pdf."},{"key":"e_1_3_2_1_21_1","volume-title":"Version 1.1.1, Part 7","author":"Information Federal Office","year":"2011","unstructured":"Federal Office for Information Security (Bundesamt f \u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- protocols. Technical Directive (BSI-TR-03112) , Version 1.1.1, Part 7 , 2011 . http:\/\/docs.ecsec.de\/BSI-TR-03112--7-v1.1.1. Federal Office for Information Security (Bundesamt f\u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- protocols. 
Technical Directive (BSI-TR-03112), Version 1.1.1, Part 7, 2011. http:\/\/docs.ecsec.de\/BSI-TR-03112--7-v1.1.1."},{"key":"e_1_3_2_1_22_1","volume-title":"Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI). Technical Directive (BSI-TR-03110), Version 2.10","author":"Information Federal Office","year":"2012","unstructured":"Federal Office for Information Security (Bundesamt f \u00fcr Sicherheit in der Informationstechnik). Advanced Security Mechanism for Machine Readable Travel Documents - Extended Access Control (EAC) , Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI). Technical Directive (BSI-TR-03110), Version 2.10 , 2012 . http:\/\/docs.ecsec.de\/BSI-TR-03110. Federal Office for Information Security (Bundesamt f\u00fcr Sicherheit in der Informationstechnik). Advanced Security Mechanism for Machine Readable Travel Documents - Extended Access Control (EAC), Password Authenticated Connection Establishment (PACE), and Restricted Identification (RI). Technical Directive (BSI-TR-03110), Version 2.10, 2012. http:\/\/docs.ecsec.de\/BSI-TR-03110."},{"key":"e_1_3_2_1_23_1","volume-title":"Version 1.1.2, Part 4","author":"Information Federal Office","year":"2012","unstructured":"Federal Office for Information Security (Bundesamt f \u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- iso24727--3-interface. Technical Directive (BSI-TR-03112) , Version 1.1.2, Part 4 , 2012 . http:\/\/docs.ecsec.de\/BSI-TR-03112--4. Federal Office for Information Security (Bundesamt f\u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- iso24727--3-interface. Technical Directive (BSI-TR-03112), Version 1.1.2, Part 4, 2012. 
http:\/\/docs.ecsec.de\/BSI-TR-03112--4."},{"key":"e_1_3_2_1_24_1","volume-title":"Version 1.1.2, Part 7","author":"Information Federal Office","year":"2012","unstructured":"Federal Office for Information Security (Bundesamt f \u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- protocols. Technical Directive (BSI-TR-03112) , Version 1.1.2, Part 7 , 2012 . http:\/\/docs.ecsec.de\/BSI-TR-03112--7. Federal Office for Information Security (Bundesamt f\u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- protocols. Technical Directive (BSI-TR-03112), Version 1.1.2, Part 7, 2012. http:\/\/docs.ecsec.de\/BSI-TR-03112--7."},{"key":"e_1_3_2_1_25_1","volume-title":"Version 1.1.2, Part 7","author":"Information Federal Office","year":"2012","unstructured":"Federal Office for Information Security (Bundesamt f \u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- protocols. Technical Directive (BSI-TR-03112) , Version 1.1.2, Part 7 , 2012 . http:\/\/docs.ecsec.de\/BSI-TR-03112--7. Federal Office for Information Security (Bundesamt f\u00fcr Sicherheit in der Informationstechnik). eCard-API-Framework -- protocols. Technical Directive (BSI-TR-03112), Version 1.1.2, Part 7, 2012. http:\/\/docs.ecsec.de\/BSI-TR-03112--7."},{"key":"e_1_3_2_1_26_1","volume-title":"Version 1.6, 20.04.2012","author":"Information Federal Office","year":"2012","unstructured":"Federal Office for Information Security (Bundesamt f \u00fcr Sicherheit in der Informationstechnik). eID-Server. Technical Directive (BSI-TR-031030) , Version 1.6, 20.04.2012 , 2012 . http:\/\/docs.ecsec.de\/BSI-TR-03130. Federal Office for Information Security (Bundesamt f\u00fcr Sicherheit in der Informationstechnik). eID-Server. Technical Directive (BSI-TR-031030), Version 1.6, 20.04.2012, 2012. http:\/\/docs.ecsec.de\/BSI-TR-03130."},{"key":"e_1_3_2_1_27_1","volume-title":"Juni","author":"Fielding R.","year":"1999","unstructured":"R. Fielding , J. Gettys , J. Mogul , H. 
Frystyk , L. Masinter , P. Leach , and T. Berners-Lee . Hypertext transfer protocol -- http\/1.1. Request For Comments -- RFC 2616 , Juni 1999 . http:\/\/www.ietf.org\/rfc\/rfc2616.txt. R. Fielding, J. Gettys, J. Mogul, H. Frystyk, L. Masinter, P. Leach, and T. Berners-Lee. Hypertext transfer protocol -- http\/1.1. Request For Comments -- RFC 2616, Juni 1999. http:\/\/www.ietf.org\/rfc\/rfc2616.txt."},{"key":"e_1_3_2_1_28_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88733-1_20"},{"key":"e_1_3_2_1_29_1","doi-asserted-by":"publisher","DOI":"10.1007\/978-3-540-88313-5_8"},{"key":"e_1_3_2_1_30_1","doi-asserted-by":"publisher","DOI":"10.5555\/956415.956441"},{"key":"e_1_3_2_1_31_1","first-page":"84","volume-title":"In IEEE Workshop on Web Services Security (WSSS)","author":"Gro\u00df Thomas","year":"2006","unstructured":"Thomas Gro\u00df and Birgit Pfitzmann . SAML artifact information flow revisited . In In IEEE Workshop on Web Services Security (WSSS) , pages 84 -- 100 , Berkeley , May 2006 . IEEE. http:\/\/www.zurich.ibm.com\/security\/publications\/2006\/GrPf06.SAML-Artifacts.rz3643.pdf. Thomas Gro\u00df and Birgit Pfitzmann. SAML artifact information flow revisited. In In IEEE Workshop on Web Services Security (WSSS), pages 84--100, Berkeley, May 2006. IEEE. http:\/\/www.zurich.ibm.com\/security\/publications\/2006\/GrPf06.SAML-Artifacts.rz3643.pdf."},{"key":"e_1_3_2_1_32_1","doi-asserted-by":"publisher","DOI":"10.1007\/11555827_28"},{"key":"e_1_3_2_1_33_1","volume-title":"Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML). OASIS Standard, 05.11.2002","author":"Hallam-Baker Phillip","year":"2002","unstructured":"Phillip Hallam-Baker and Eve Maler . Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML). OASIS Standard, 05.11.2002 , 2002 . http:\/\/www.oasis-open.org\/committees\/download.php\/2290\/oasis-sstc-saml-1.0.zip. Phillip Hallam-Baker and Eve Maler. 
Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML). OASIS Standard, 05.11.2002, 2002. http:\/\/www.oasis-open.org\/committees\/download.php\/2290\/oasis-sstc-saml-1.0.zip."},{"key":"e_1_3_2_1_34_1","volume-title":"Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Hirsch Frederick","year":"2005","unstructured":"Frederick Hirsch , Rob Philpott , and Eve Maler . Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-sec-consider-2.0-os.pdf. Frederick Hirsch, Rob Philpott, and Eve Maler. Security and Privacy Considerations for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-sec-consider-2.0-os.pdf."},{"key":"e_1_3_2_1_35_1","volume-title":"Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Hodges Jeff","year":"2005","unstructured":"Jeff Hodges , Rob Philpott , and Eve Maler . Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-glossary-2.0-os.pdf. Jeff Hodges, Rob Philpott, and Eve Maler. Glossary for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-glossary-2.0-os.pdf."},{"key":"e_1_3_2_1_36_1","unstructured":"Oracle Inc. Java-to-JavaScript Communication. http:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/plugin\/developer\\_guide\/java\\_js.html.  Oracle Inc. Java-to-JavaScript Communication. http:\/\/docs.oracle.com\/javase\/7\/docs\/technotes\/guides\/plugin\/developer\\_guide\/java\\_js.html."},{"key":"e_1_3_2_1_37_1","unstructured":"Java.net. 
LiveConnect Support in the New Java Plug-In Technology. http:\/\/jdk6.java.net\/plugin2\/liveconnect\/.  Java.net. LiveConnect Support in the New Java Plug-In Technology. http:\/\/jdk6.java.net\/plugin2\/liveconnect\/."},{"key":"e_1_3_2_1_38_1","volume-title":"OASIS Standard","author":"Michael","year":"2009","unstructured":"Michael B. Jones and Michael McIntosh. Identity Metasystem Interoperability Version 1.0 . OASIS Standard , July 2009 . http:\/\/docs.oasis-open.org\/imi\/identity\/v1.0\/os\/identity-1.0-spec-os.pdf. Michael B. Jones and Michael McIntosh. Identity Metasystem Interoperability Version 1.0. OASIS Standard, July 2009. http:\/\/docs.oasis-open.org\/imi\/identity\/v1.0\/os\/identity-1.0-spec-os.pdf."},{"key":"e_1_3_2_1_39_1","volume-title":"Authentication Context for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Kemp John","year":"2005","unstructured":"John Kemp , Scott Cantor , Prateek Mishra , Rob Philpott , and Eve Maler . Authentication Context for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-authn-context-2.0-os.pdf. John Kemp, Scott Cantor, Prateek Mishra, Rob Philpott, and Eve Maler. Authentication Context for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-authn-context-2.0-os.pdf."},{"key":"e_1_3_2_1_40_1","volume-title":"OASIS Committee Specification 02, 10.08.2010","author":"Klingenstein N.","year":"2010","unstructured":"N. Klingenstein . SAML V2.0 Holder-of- Key Web Browser SSO Profile . OASIS Committee Specification 02, 10.08.2010 , 2010 . http:\/\/docs.oasis-open.org\/security\/saml\/Post2.0\/sstc-saml-holder-of-key-browser-sso.pdf. N. Klingenstein. SAML V2.0 Holder-of-Key Web Browser SSO Profile. OASIS Committee Specification 02, 10.08.2010, 2010. 
http:\/\/docs.oasis-open.org\/security\/saml\/Post2.0\/sstc-saml-holder-of-key-browser-sso.pdf."},{"key":"e_1_3_2_1_41_1","volume-title":"ACROS Securit","author":"Mitja","year":"2002","unstructured":"Mitja Kol\\vse. Session Fixation Vulnerability in Web-based Applications. Technical report , ACROS Securit , 2002 . Mitja Kol\\vse. Session Fixation Vulnerability in Web-based Applications. Technical report, ACROS Securit, 2002."},{"key":"e_1_3_2_1_42_1","volume-title":"SSTC Response to 'Security Analysis of the SAML Single Sign-on Browser - Artifact Profile'. OASIS Working Draft 01, 24.01.2005","author":"Linn John","year":"2005","unstructured":"John Linn and Prateek Mishra . SSTC Response to 'Security Analysis of the SAML Single Sign-on Browser - Artifact Profile'. OASIS Working Draft 01, 24.01.2005 , 2005 . http:\/\/www.oasis-open.org\/committees\/download.php\/11191\/sstc-gross-sec-analysis-response-01.pdf. John Linn and Prateek Mishra. SSTC Response to 'Security Analysis of the SAML Single Sign-on Browser - Artifact Profile'. OASIS Working Draft 01, 24.01.2005, 2005. http:\/\/www.oasis-open.org\/committees\/download.php\/11191\/sstc-gross-sec-analysis-response-01.pdf."},{"key":"e_1_3_2_1_43_1","volume-title":"Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1. OASIS Standard, 02.09.2003","author":"Maler Eve","year":"2003","unstructured":"Eve Maler , Prateek Mishra , and Rob Philpott . Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1. OASIS Standard, 02.09.2003 , 2003 . http:\/\/www.oasis-open.org\/committees\/download.php\/3406\/oasis-sstc-saml-core-1.1.pdf. Eve Maler, Prateek Mishra, and Rob Philpott. Assertions and Protocol for the OASIS Security Assertion Markup Language (SAML) V1.1. OASIS Standard, 02.09.2003, 2003. 
http:\/\/www.oasis-open.org\/committees\/download.php\/3406\/oasis-sstc-saml-core-1.1.pdf."},{"key":"e_1_3_2_1_44_1","first-page":"33","volume-title":"Bundesamt f\u00fcr Sicherheit in der Informationstechnik","author":"Mayer Andreas","year":"2011","unstructured":"Andreas Mayer and J\u00f6rg Schwenk . Sicheres Single Sign-On mit dem SAML Holder-of-Key Web Browser SSO Profile und SimpleSAMLphp . In Bundesamt f\u00fcr Sicherheit in der Informationstechnik , editor, Sicher in die digitale Welt von morgen, pages 33 -- 46 , Gau-Algesheim, May 2011 . SecuMedia Verlag . Andreas Mayer and J\u00f6rg Schwenk. Sicheres Single Sign-On mit dem SAML Holder-of-Key Web Browser SSO Profile und SimpleSAMLphp. In Bundesamt f\u00fcr Sicherheit in der Informationstechnik, editor, Sicher in die digitale Welt von morgen, pages 33--46, Gau-Algesheim, May 2011. SecuMedia Verlag."},{"key":"e_1_3_2_1_45_1","volume-title":"Conformance Requirements for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005","author":"Mishra Prateek","year":"2005","unstructured":"Prateek Mishra , Rob Philpott , and Eve Maler . Conformance Requirements for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005 , 2005 . http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-conformance-2.0-os.pdf. Prateek Mishra, Rob Philpott, and Eve Maler. Conformance Requirements for the OASIS Security Assertion Markup Language (SAML) V2.0. OASIS Standard, 15.03.2005, 2005. http:\/\/docs.oasis-open.org\/security\/saml\/v2.0\/saml-conformance-2.0-os.pdf."},{"key":"e_1_3_2_1_46_1","unstructured":"National Institute of Standards and Technology. Electronic Authentication Guideline. NIST Special Publication 800--63 Version 1.0.2. http:\/\/csrc.nist.gov\/publications\/nistpubs\/800--63\/SP800--63V1\\_0\\_2.pdf.  National Institute of Standards and Technology. Electronic Authentication Guideline. NIST Special Publication 800--63 Version 1.0.2. 
http:\/\/csrc.nist.gov\/publications\/nistpubs\/800--63\/SP800--63V1\\_0\\_2.pdf."},{"key":"e_1_3_2_1_47_1","doi-asserted-by":"publisher","DOI":"10.1109\/MIC.2003.1250582"},{"key":"e_1_3_2_1_48_1","volume-title":"Request For Comments -- RFC","author":"Rescorla E.","year":"2010","unstructured":"E. Rescorla . Keying material exporters for transport layer security (tls). Request For Comments -- RFC 5705, March 2010 . http:\/\/www.ietf.org\/rfc\/rfc5705.txt. E. Rescorla. Keying material exporters for transport layer security (tls). Request For Comments -- RFC 5705, March 2010. http:\/\/www.ietf.org\/rfc\/rfc5705.txt."},{"key":"e_1_3_2_1_49_1","volume-title":"OASIS Committee Specification 02, 23.01.2010","author":"Scavo Tom","year":"2010","unstructured":"Tom Scavo . SAML V2.0 Holder-of- Key Assertion Profile . OASIS Committee Specification 02, 23.01.2010 , 2010 . http:\/\/docs.oasis-open.org\/security\/saml\/Post2.0\/sstc-saml2-holder-of-key-cs-02.pdf. Tom Scavo. SAML V2.0 Holder-of-Key Assertion Profile. OASIS Committee Specification 02, 23.01.2010, 2010. http:\/\/docs.oasis-open.org\/security\/saml\/Post2.0\/sstc-saml2-holder-of-key-cs-02.pdf."},{"key":"e_1_3_2_1_50_1","doi-asserted-by":"publisher","DOI":"10.1145\/2046642.2046656"},{"key":"e_1_3_2_1_51_1","doi-asserted-by":"publisher","DOI":"10.1145\/1456492.1456495"},{"key":"e_1_3_2_1_52_1","volume-title":"SAML V2.0 Enhanced Client or Proxy Profile Version 2.0. OASIS Working Draft 07, 08.04.2013","author":"Scott Cantor","year":"2013","unstructured":"Scott Cantor et al. SAML V2.0 Enhanced Client or Proxy Profile Version 2.0. OASIS Working Draft 07, 08.04.2013 , 2013 . https:\/\/www.oasis-open.org\/committees\/download.php\/48788\/sstc-saml-ecp-v2.0-wd07.pdf. Scott Cantor et al. SAML V2.0 Enhanced Client or Proxy Profile Version 2.0. OASIS Working Draft 07, 08.04.2013, 2013. 
https:\/\/www.oasis-open.org\/committees\/download.php\/48788\/sstc-saml-ecp-v2.0-wd07.pdf."},{"key":"e_1_3_2_1_53_1","volume-title":"Proceedings of the 21st USENIX Security Symposium, 2012","author":"Somorovsky Juraj","year":"2012","unstructured":"Juraj Somorovsky , Andreas Mayer , J\u00f6rg Schwenk , Marco Kampmann , and Meiko Jensen . On Breaking SAML: Be Whoever You Want to Be . Proceedings of the 21st USENIX Security Symposium, 2012 . http:\/\/www.nds.rub.de\/media\/nds\/veroeffentlichungen\/ 2012 \/08\/22\/BreakingSAML_3.pdf. Juraj Somorovsky, Andreas Mayer, J\u00f6rg Schwenk, Marco Kampmann, and Meiko Jensen. On Breaking SAML: Be Whoever You Want to Be. Proceedings of the 21st USENIX Security Symposium, 2012. http:\/\/www.nds.rub.de\/media\/nds\/veroeffentlichungen\/2012\/08\/22\/BreakingSAML_3.pdf."},{"key":"e_1_3_2_1_54_1","first-page":"399","volume-title":"Lorrie Faith Cranor. Crying Wolf: An Empirical Study of SSL Warning Effectiveness. In USENIX Security Symposium","author":"Sunshine Joshua","year":"2009","unstructured":"Joshua Sunshine , Serge Egelman , Hazim Almuhimedi , Neha Atri , and Lorrie Faith Cranor. Crying Wolf: An Empirical Study of SSL Warning Effectiveness. In USENIX Security Symposium , pages 399 -- 416 , 2009 . Joshua Sunshine, Serge Egelman, Hazim Almuhimedi, Neha Atri, and Lorrie Faith Cranor. Crying Wolf: An Empirical Study of SSL Warning Effectiveness. In USENIX Security Symposium, pages 399--416, 2009."},{"key":"e_1_3_2_1_55_1","volume-title":"On the use of channel bindings to secure channels. Request For Comments -- RFC","author":"Williams N.","year":"2007","unstructured":"N. Williams . On the use of channel bindings to secure channels. Request For Comments -- RFC 5056, November 2007 . http:\/\/www.ietf.org\/rfc\/rfc5056.txt. N. Williams. On the use of channel bindings to secure channels. Request For Comments -- RFC 5056, November 2007. 
http:\/\/www.ietf.org\/rfc\/rfc5056.txt."}],"event":{"name":"CCS'13: 2013 ACM SIGSAC Conference on Computer and Communications Security","sponsor":["SIGSAC ACM Special Interest Group on Security, Audit, and Control"],"location":"Berlin Germany","acronym":"CCS'13"},"container-title":["Proceedings of the 2013 ACM workshop on Digital identity management"],"original-title":[],"link":[{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2517881.2517892","content-type":"unspecified","content-version":"vor","intended-application":"text-mining"},{"URL":"https:\/\/dl.acm.org\/doi\/pdf\/10.1145\/2517881.2517892","content-type":"unspecified","content-version":"vor","intended-application":"similarity-checking"}],"deposited":{"date-parts":[[2025,6,18]],"date-time":"2025-06-18T07:28:49Z","timestamp":1750231729000},"score":1,"resource":{"primary":{"URL":"https:\/\/dl.acm.org\/doi\/10.1145\/2517881.2517892"}},"subtitle":[],"short-title":[],"issued":{"date-parts":[[2013,11,8]]},"references-count":55,"alternative-id":["10.1145\/2517881.2517892","10.1145\/2517881"],"URL":"https:\/\/doi.org\/10.1145\/2517881.2517892","relation":{},"subject":[],"published":{"date-parts":[[2013,11,8]]},"assertion":[{"value":"2013-11-08","order":2,"name":"published","label":"Published","group":{"name":"publication_history","label":"Publication History"}}]}}