Please use this identifier to cite or link to this item: http://hdl.handle.net/1893/25306
Appears in Collections:Computing Science and Mathematics Conference Papers and Proceedings
Peer Review Status: Refereed
Author(s): Ferdous, Md Sadek
Chowdhury, Farida
Poet, Ron
Contact Email: fch@cs.stir.ac.uk
Title: A hybrid model of attribute aggregation in federated identity management
Editor(s): Chang, V
Ramachandran, M
Walters, R
Wills, G
Citation: Ferdous MS, Chowdhury F & Poet R (2017) A hybrid model of attribute aggregation in federated identity management. In: Chang V, Ramachandran M, Walters R & Wills G (eds.) Enterprise Security. Lecture Notes in Computer Science, 10131. Enterprise Security Second International Workshop, ES 2015, Vancouver, BC, Canada, 30.11.2015-03.12.2015. Cham, Switzerland: Springer, pp. 120-154. https://doi.org/10.1007/978-3-319-54380-2_6
Issue Date: 2017
Date Deposited: 5-May-2017
Series/Report no.: Lecture Notes in Computer Science, 10131
Conference Name: Enterprise Security Second International Workshop, ES 2015
Conference Dates: 2015-11-30 - 2015-12-03
Conference Location: Vancouver, BC, Canada
Abstract: The existing model of Federated Identity Management (FIM) allows a user to provide attributes only from a single Identity Provider (IdP) per service session. However, this does not cater to the fact that the user attributes are scattered and stored across multiple IdPs. An attribute aggregation mechanism would allow a user to aggregate attributes from multiple providers and pass them to a Service Provider (SP) in a single service session which would enable the SP to offer innovative service scenarios. Unfortunately, there exist only a handful of mechanisms for aggregating attributes and most of them either require complex user interactions or are based on unrealistic assumptions. In this paper, we present a novel approach called the Hybrid ModelĀ for aggregating attributes from multiple IdPs using one of the most popular FIM technologies: Security Assertion Markup Language (SAML). We present a thorough analysis of different requirements imposed by our proposed approach and discuss how we have developed a proof of concept using our model and what design choices we have made to meet the majority of these requirements. We also illustrate two use-cases to elaborate the applicability of our approach and analyse the advantages it offers and the limitations it currently has.
Status: AM - Accepted Manuscript
Rights: Published in: Chang V., Ramachandran M., Walters R., Wills G. (eds) Enterprise Security (2017). Lecture Notes in Computer Science, vol 10131. Springer, Cham The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-54380-2_6

Files in This Item:
File Description SizeFormat 
AttributeAggregation_ESSB.pdfFulltext - Accepted Version1.11 MBAdobe PDFView/Open



This item is protected by original copyright



Items in the Repository are protected by copyright, with all rights reserved, unless otherwise indicated.

The metadata of the records in the Repository are available under the CC0 public domain dedication: No Rights Reserved https://creativecommons.org/publicdomain/zero/1.0/

If you believe that any material held in STORRE infringes copyright, please contact library@stir.ac.uk providing details and we will remove the Work from public display in STORRE and investigate your claim.