The user perspective on consent for identity federations

This extended abstract describes the outcome of research on providing users of SURFnet’s identity federation with informed consent functionality. The central focus point of the research was the user perspective: do users actually want to be bothered with consent functionality, and if so, how to deal with the unavoidable trade-offs in the user interaction between obtrusiveness, fine-grained control and understandability. Users were involved through two small-scale in-depth user studies that were input to the design of user interaction, and through two surveys that were done as part of a large-scale pilot that took place end of 2010. The outcome of the research is three fold: (1) five guidelines on how to design consent for web-redirect based identity federations (SAML, OpenID), (2) an implementation of these guidelines, and (3) a detailed evaluation by a large number of users of this implementation.



  • Maarten Wegdam
  • Eefje van der Harst
  • Ruud Janssen

Related documents