|Appears in Collections:||Computing Science and Mathematics Conference Papers and Proceedings|
|Peer Review Status:||Refereed|
|Author(s):||Ferdous, Md Sadek|
|Title:||A hybrid model of attribute aggregation in federated identity management|
|Citation:||Ferdous MS, Chowdhury F & Poet R (2017) A hybrid model of attribute aggregation in federated identity management. In: Chang V, Ramachandran M, Walters R & Wills G (eds.) Enterprise Security. Lecture Notes in Computer Science, 10131. Enterprise Security Second International Workshop, ES 2015, Vancouver, BC, Canada, 30.11.2015-03.12.2015. Cham, Switzerland: Springer, pp. 120-154. https://doi.org/10.1007/978-3-319-54380-2_6|
|Series/Report no.:||Lecture Notes in Computer Science, 10131|
|Conference Name:||Enterprise Security Second International Workshop, ES 2015|
|Conference Dates:||2015-11-30 - 2015-12-03|
|Conference Location:||Vancouver, BC, Canada|
|Abstract:||The existing model of Federated Identity Management (FIM) allows a user to provide attributes only from a single Identity Provider (IdP) per service session. However, this does not cater to the fact that the user attributes are scattered and stored across multiple IdPs. An attribute aggregation mechanism would allow a user to aggregate attributes from multiple providers and pass them to a Service Provider (SP) in a single service session which would enable the SP to offer innovative service scenarios. Unfortunately, there exist only a handful of mechanisms for aggregating attributes and most of them either require complex user interactions or are based on unrealistic assumptions. In this paper, we present a novel approach called the Hybrid Model for aggregating attributes from multiple IdPs using one of the most popular FIM technologies: Security Assertion Markup Language (SAML). We present a thorough analysis of different requirements imposed by our proposed approach and discuss how we have developed a proof of concept using our model and what design choices we have made to meet the majority of these requirements. We also illustrate two use-cases to elaborate the applicability of our approach and analyse the advantages it offers and the limitations it currently has.|
|Status:||AM - Accepted Manuscript|
|Rights:||Published in: Chang V., Ramachandran M., Walters R., Wills G. (eds) Enterprise Security (2017). Lecture Notes in Computer Science, vol 10131. Springer, Cham The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-54380-2_6|
|AttributeAggregation_ESSB.pdf||Fulltext - Accepted Version||1.11 MB||Adobe PDF||View/Open|
This item is protected by original copyright
Items in the Repository are protected by copyright, with all rights reserved, unless otherwise indicated.
If you believe that any material held in STORRE infringes copyright, please contact firstname.lastname@example.org providing details and we will remove the Work from public display in STORRE and investigate your claim.