Title :
Security and Privacy Risks of Using E-mail Address as an Identity
Author :
Jin, Lei ; Takabi, Hassan ; Joshi, James B D
Author_Institution :
Sch. of Inf. Sci., Univ. of Pittsburgh, Pittsburgh, PA, USA
Abstract :
More and more websites are allowing or requiring users to input their e-mail addresses to be used either as identities or for other purposes. Although username-based identity and password problems resulting from user behaviors have been a research focus for quite some time, the serious issues related to using e-mail address as an identity and the associated online behaviors of users have not been well investigated in the literature. In this paper, we discuss and analyze security and privacy problems resulting from the use of e-mail address as identity via well-designed user behavior survey and by investigating website´s design schemes. Our results illustrate that using e-mail address as an identity poses high security and privacy risks. This is mainly because of the multiple usages of e-mail addresses and users´ improper online habits. Moreover, we discuss the drawbacks of existing solutions for e-mail address as identity and related password problems, and present two potential solutions that may secure online identity management systems in future.
Keywords :
Web design; data privacy; electronic mail; message authentication; risk analysis; e-mail address; password problems; privacy problems; secure online identity management systems; security risks; user behavior survey; username-based identity; website design schemes; Electronic mail; Facebook; Force; Postal services; Privacy; Security; authentication; e-mail address identity; security;
Conference_Titel :
Social Computing (SocialCom), 2010 IEEE Second International Conference on
Conference_Location :
Minneapolis, MN
Print_ISBN :
978-1-4244-8439-3
Electronic_ISBN :
978-0-7695-4211-9
DOI :
10.1109/SocialCom.2010.134
