Notarized federated identity management for web services

被引:0
|
作者
Goodrich, Michael T. [1 ]
Tamassia, Roberto
Yao, Danfeng
机构
[1] Univ Calif Irvine, Dept Comp Sci, Irvine, CA 92697 USA
[2] Brown Univ, Dept Comp Sci, Providence, RI 02912 USA
来源
DATA AND APPLICATIONS SECURITY XX, PROCEEDINGS | 2006年 / 4127卷
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and service providers, which provides improved privacy protection for users. We present an efficient implementation of our notarized federated identity management model based on the Secure Transaction Management System (STMS). We also give a practical solution for mitigating aspects of the identity theft problem and discuss its use in our notarized federated identity management model. The unique feature of our cryptographic solution is that it enables one to proactively prevent the leaking of secret identity information.
引用
收藏
页码:133 / 147
页数:15
相关论文
共 50 条
  • [1] Notarized federated ID management and authentication
    Goodrich, Michael
    Tamassia, Roberto
    Yao, Danfeng
    [J]. JOURNAL OF COMPUTER SECURITY, 2008, 16 (04) : 399 - 418
  • [2] Integrated Security Context Management of Web Components and Services in Federated Identity Environments
    Kumar, Apurva
    [J]. SERVICE-ORIENTED COMPUTING - ICSOC 2008, PROCEEDINGS, 2008, 5364 : 565 - 571
  • [3] Mapping Web Services Standards to Federated Identity Management Requirements for m-Health
    Liu, Hui
    Li, Ming-lu
    Lin, Xin
    [J]. ICICSE: 2008 INTERNATIONAL CONFERENCE ON INTERNET COMPUTING IN SCIENCE AND ENGINEERING, PROCEEDINGS, 2008, : 459 - +
  • [4] Scalable Federated Broker Management for Selection of Web Services
    Serhani, Mohamed Adel
    Benharref, Abdelghani
    Badidi, Elarbi
    Bouktif, Salah
    [J]. COMPUTER JOURNAL, 2012, 55 (12): : 1420 - 1439
  • [5] Web services management network - An overlay network for federated service management
    Machiraju, V
    Sahai, A
    van Moorsel, A
    [J]. INTEGRATED NETWORK MANAGEMENT VIII: MANAGING IT ALL, 2003, 118 : 351 - 364
  • [6] Identity and Access Management for Cloud Web Services
    Indu, I.
    Anand, P. M. Rubesh
    [J]. PROCEEDINGS OF THE 2015 IEEE RECENT ADVANCES IN INTELLIGENT COMPUTATIONAL SYSTEMS (RAICS), 2015, : 406 - 410
  • [7] A user management system for federated databases using web services
    Liu, FY
    Dogdu, E
    [J]. COMPUTATIONAL SCIENCE AND ITS APPLICATIONS - ICCSA 2006, PT 4, 2006, 3983 : 88 - 97
  • [8] Web services for federated systems
    Johnson, ME
    [J]. CCCT 2003, VOL6, PROCEEDINGS: COMPUTER, COMMUNICATION AND CONTROL TECHNOLOGIES: III, 2003, : 285 - 291
  • [9] Federated identity management
    Shim, SSY
    Bhalla, G
    Pendyala, V
    [J]. COMPUTER, 2005, 38 (12) : 120 - 122
  • [10] FedWare: Middleware Services to Cope with Information Consistency in Federated Identity Management
    Hoellrigl, Thorsten
    Dinger, Jochen
    Hartenstein, Hannes
    [J]. FIFTH INTERNATIONAL CONFERENCE ON AVAILABILITY, RELIABILITY, AND SECURITY: ARES 2010, PROCEEDINGS, 2010, : 228 - 235
12345