Analysing security and privacy issues of using e-mail address as identity Online publication date: Fri, 11-Nov-2011
by Lei Jin; Hassan Takabi; James B.D. Joshi
International Journal of Information Privacy, Security and Integrity (IJIPSI), Vol. 1, No. 1, 2011
Abstract: Nowadays, many websites allow or require users to use their e-mail addresses either as identity or for other purposes. Although username-based identity problems resulting from users' behaviours have been a research focus for quite some time, the serious issues of using e-mail address as identity and the associated online behaviours of users have not been well investigated. In this paper, we discuss and analyse security and privacy problems resulting from using e-mail address as identity via well-designed user behaviour survey and by investigating websites' design schemes. Our results illustrate that using e-mail address as identity poses high security and privacy risks. This is mainly because of the multiple usages of e-mail addresses and users' improper online habits. Moreover, we discuss drawbacks of existing solutions for e-mail address as identity and related password problems, and present potential solutions that may be used to secure online identity management systems in future.
Online publication date: Fri, 11-Nov-2011
If you are not a subscriber and you just want to read the full contents of this article, buy online access here.Complimentary Subscribers, Editors or Members of the Editorial Board of the International Journal of Information Privacy, Security and Integrity (IJIPSI):
Login with your Inderscience username and password:
Want to subscribe?
A subscription gives you complete access to all articles in the current issue, as well as to all articles in the previous three years (where applicable). See our Orders page to subscribe.
If you still need assistance, please email email@example.com