Notarized federated identity management for web services

被引:0
|
作者
Goodrich, Michael T. [1 ]
Tamassia, Roberto
Yao, Danfeng
机构
[1] Univ Calif Irvine, Dept Comp Sci, Irvine, CA 92697 USA
[2] Brown Univ, Dept Comp Sci, Providence, RI 02912 USA
来源
DATA AND APPLICATIONS SECURITY XX, PROCEEDINGS | 2006年 / 4127卷
关键词
D O I
暂无
中图分类号
TP [自动化技术、计算机技术];
学科分类号
0812 ;
摘要
We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and service providers, which provides improved privacy protection for users. We present an efficient implementation of our notarized federated identity management model based on the Secure Transaction Management System (STMS). We also give a practical solution for mitigating aspects of the identity theft problem and discuss its use in our notarized federated identity management model. The unique feature of our cryptographic solution is that it enables one to proactively prevent the leaking of secret identity information.
引用
收藏
页码:133 / 147
页数:15
相关论文
共 50 条
  • [41] Federated Identity and Access Management for the Internet of Things
    Fremantle, Paul
    Aziz, Benjamin
    Kopecky, Jacek
    Scott, Philip
    [J]. 2014 INTERNATIONAL WORKSHOP ON SECURE INTERNET OF THINGS (SIOT), 2014, : 10 - 17
  • [42] Enabling the Autonomic Management of Federated Identity Providers
    Bailey, Christopher
    Chadwick, David W.
    de Lemos, Rogerio
    Siu, Kristy W. S.
    [J]. EMERGING MANAGEMENT MECHANISMS FOR THE FUTURE INTERNET (AIMS 2013), 2013, 7943 : 100 - 111
  • [43] Application of Federated Identity Management in ERP System
    Guo, Chunfang
    Wang, Ying
    [J]. IEEE/SOLI'2008: PROCEEDINGS OF 2008 IEEE INTERNATIONAL CONFERENCE ON SERVICE OPERATIONS AND LOGISTICS, AND INFORMATICS, VOLS 1 AND 2, 2008, : 1971 - 1974
  • [44] A Review of Federated Identity Management of OpenStack Cloud
    Shere, Rohit
    Srivastava, Sonika
    Pateriya, R. K.
    [J]. 2017 INTERNATIONAL CONFERENCE ON RECENT INNOVATIONS IN SIGNAL PROCESSING AND EMBEDDED SYSTEMS (RISE), 2017, : 516 - 520
  • [45] Ensuring information assurance in federated identity management
    Shin, D
    Ahn, GJ
    Shenoy, P
    [J]. CONFERENCE PROCEEDINGS OF THE 2004 IEEE INTERNATIONAL PERFORMANCE, COMPUTING, AND COMMUNICATIONS CONFERENCE, 2004, : 821 - 826
  • [46] A Survey of Security Analysis in Federated Identity Management
    Simpson, Sean
    Gross, Thomas
    [J]. PRIVACY AND IDENTITY MANAGEMENT: FACING UP TO NEXT STEPS, 2016, 498 : 231 - 247
  • [47] Achieving Privacy in a Federated Identity Management System
    Landau, Susan
    Le Van Gong, Hubert
    Wilton, Robin
    [J]. FINANCIAL CRYPTOGRAPHY AND DATA SECURITY, 2009, 5628 : 51 - 70
  • [48] Federated Identity Management (FIM): Challenges and Opportunities
    Malik, Ali Ahmad
    Anwar, Hirra
    Shibli, Muhammad Awais
    [J]. 2015 CONFERENCE ON INFORMATION ASSURANCE AND CYBER SECURITY (CIACS), 2015, : 75 - 82
  • [49] Potential Impacts in Citizens' Privacy of using Federated Identity Management to Offer e-Government Services
    Navas, Jorge
    Beltran, Marta
    [J]. PROCEEDINGS OF THE 16TH INTERNATIONAL JOINT CONFERENCE ON E-BUSINESS AND TELECOMMUNICATIONS, VOL 2: SECRYPT, 2019, : 350 - 355
  • [50] User-centric privacy management for federated identity management
    Ahn, Gail-Joon
    Ko, Moonam
    [J]. 2007 INTERNATIONAL CONFERENCE ON COLLABORATIVE COMPUTING: NETWORKING, APPLICATIONS AND WORKSHARING, 2008, : 187 - 195
12345