Towards Improved Federated Identity and Privilege Management in Open Systems
Authors
Abstract
1. Motivation
The ability to federate identity across organizations while maintaining access rights and privileges poses a major challenge [5]. The solution is federated identity and privilege management. However, almost all well-known schemes of this kind have drawbacks. Additionally, the development of Web-based federated identity solutions has advanced more rapidly than that of Web-based privilege management mechanisms, leaving a wide gap in integrating privilege management with existing federated identity mechanisms to provide a comprehensive access management solution. We discuss these challenges, namely the shortcomings of federated identity mechanisms and their integration with privilege management mechanisms. In response, we present an integrated approach to federated identity and privilege management specifically designed for Web-based platforms.
Similar resources
CERIAS Tech Report 2004-32 TOWARDS IMPROVED FEDERATED IDENTITY AND PRIVILEGE MANAGEMENT IN OPEN SYSTEMS
Federated identity and privilege management are the cornerstones of access management on the Web. The increasing trend of business integration across enterprises and Web-based collaboration has led to tremendous growth of the identity and privilege management research and products in the recent past. However, despite the existence of available mechanisms, there are drawbacks in almost all well-...
Federated Privileged Identity Management for Break-the-Glass: A Case Study with OpenAM
As next generation health monitoring and Ambient Assisted Living applications are opening up towards a variety of stakeholders and platforms, enforcing secure and reliable access to patient data by authorized users − anytime and anywhere − is paramount. However, static access control policies do not offer the flexibility to deal with unanticipated emergency situations where access to patient in...
Negotiating Trust in Identity Metasystem
Many federated identity management systems have been proposed to solve the problem of authorizing users across security domains. Although these solutions attempt to follow the user-centric design approach to empower users by letting them make important decisions on whether to release sensitive information, they do not provide much help to users in making good decisions. More importantly, privac...
Enabling the Autonomic Management of Federated Identity Providers
The autonomic management of federated authorization infrastructures (federations) is seen as a means for improving the monitoring and use of a service provider’s resources. However, federations are comprised of independent management domains with varying scopes of control and data ownership. The focus of this paper is on the autonomic management of federated identity providers by service provid...
PROVIDING NATIVE SUPPORT FOR FEDERATED IDENTITY MANAGEMENT IN A BUSINESS-PROCESS-MANAGEMENT SYSTEM Identity Business Processes
To facilitate information-system security, e.g., access control or audit, the entities involved play a key role. This makes identity management an important task. The success of service-oriented architectures (SOA) has led to the development of federated identity management (FIM), to deal with the dynamic nature of SOA and to achieve economies of scale. Business processes in SOA are a composi...