Skip to content
/ UnlimitID Public

UnlimitID: Privacy-Preserving Federated Identity Management using Algebraic MACs

License

BSD-2-Clause license
3 stars 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

moullos/UnlimitID

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

139 Commits
UnlimitID
UnlimitID
 
 
tests
tests
 
 
.coveragerc
.coveragerc
 
 
.travis.yml
.travis.yml
 
 
Dockerfile
Dockerfile
 
 
LICENSE.txt
LICENSE.txt
 
 
README.md
README.md
 
 
config_IdP.py
config_IdP.py
 
 
requirements.txt
requirements.txt
 
 
run_IdP.py
run_IdP.py
 
 
run_user.py
run_user.py
 
 
setup.py
setup.py
 
 
tox.ini
tox.ini
 
 

Repository files navigation

UnlimitID

Coverage Status

Privacy-Preserving Federated Identity Management using Algebraic MACs

UnlimitID is a method for enhancing the privacy of commodity OAuth and applications such as OpenID Connect, using anonymous attribute-based credentials based on algebrai Message Authentication Codes (aMACs). OAuth is one of the most widely used protocols on the Web, but it exposes each of the requests of a user for data by each relying party (RP) to the identity provider (IdP). Our approach allows for the creation of multiple persistent and unlinkable pseudo- identities and requires no change in the deployed code of relying parties, only in identity providers and the client.

Full version of the paper published at WPES 2016 is available at http://www0.cs.ucl.ac.uk/staff/G.Danezis/papers/UnlimitID_WPES16.pdf

Features

This repository includes 2 flask applications. UnlimitID/IdP is build upon flask-oauthlib and provides all the typical OAuth2 endpoints along with two additional endpoints providing the necessary anonymous credentials and exposing the IdP's public parameters. UnlimitID/User provides all the out-of-band functionality preluding an UnlimitID flow. A demo version of the IdP can be found here.

As both packages use petlib install the necessary libraries before attemping to run UnlimitID.

Running the identity provider

The easiest way to run the identity provider is through docker:

  1. Get the latest container
$ docker pull unlimitid/idp:latest
  1. Run it!
$ docker run -p 80:80 -d unlimitid/idp:latest

If you prefer to build the container on your own:

  1. Clone the repository
$ git clone https://github.com/moullos/UnlimitID.git
  1. Change directory
$ cd UnlimitID
  1. Build the container
$ docker build -t your_tag_here .

If you don't want to use docker:

  1. Clone the repository
$ git clone https://github.com/moullos/UnlimitID.git
  1. Change directory
$ cd UnlimitID
  1. Create a virtual env
$ virtualenv env

and activate it

$ source env/bin/activate
  1. Install the package
$ pip install .
  1. Use the run_IdP.py
$ python run_IdP.py

Running the user

In order for the user to run, an IdP must also be running in order for the user to obtain up-to-date parameters

  1. Clone the repository
$ git clone https://github.com/moullos/UnlimitID.git
  1. Change directory
$ cd UnlimitID
  1. Create a virtual env
$ virtualenv env

and activate it

$ source env/bin/activate
  1. Install the package
$ pip install .
  1. Use the run_user.py
$ python run_user.py

Note: If you are running more than 1 components of the system locally, make sure that their cookies are isolated.

Running the tests

Just install and run tox after installing the package

  1. Install tox
$ pip install tox
  1. Run it!
$ tox

About

UnlimitID: Privacy-Preserving Federated Identity Management using Algebraic MACs

Topics

oauth2 privacy identity-provider idp unlimitid

Resources

Readme

License

BSD-2-Clause license
Activity

Stars

3 stars

Watchers

0 watching

Forks

1 fork
Report repository

Releases

1 tags

Packages

 
 
 

Contributors 2

  •  
  •  

Languages