A Generic Authentication LoA Derivation Model
نویسندگان
چکیده
One way of achieving a more fine-grained access control is to link an authentication level of assurance (LoA) derived from a requester’s authentication instance to the authorisation decision made to the requester. To realise this vision, there is a need for designing a LoA derivation model that supports the use and quantification of multiple LoA-effecting attributes, and analyse their composite effect on a given authentication instance. This paper reports the design of such a model, namely a generic LoA derivation model (GEALoADM). GEA-LoADM takes into account of multiple authentication attributes along with their relationships, abstracts the composite effect by the multiple attributes into a generic value, authentication LoA, and provides algorithms for the run-time derivation of LoA. The algorithms are tailored to reflect the relationships among the attributes involved in an authentication instance. The model has a number of valuable properties, including flexibility and extensibility; it can be applied to different application contexts and support easy addition of new attributes and removal of obsolete ones.
منابع مشابه
A Continuous LoA Compliant Trust Evaluation Method
The trust provided by authentication systems is commonly expressed with a Level of Assurance (LoA see 3). If it can be considered as a first process to simplify the expression of trust during the authentication step, it does not handle all the aspects of the authentication mechanism and especially it fails to integrate continuous authentication systems. In this paper, we propose a model based o...
متن کاملA Defined Set of LoA Recommendations for the Use within the UK Education and Research Communities
The ES-LoA project, funded by the UK Joint Information Systems Committee (JISC) under its e-Infrastructure Security Programme, investigates current and future needs among UK research and education community for a more fine-grained access control, which allows service providers to take into account of the levels of confidence in identifying a remote entity requesting for service access. Such a f...
متن کاملConvertible limited (multi-) verifier signature: new constructions and applications
A convertible limited (multi-) verifier signature (CL(M)VS) provides controlled verifiability and preserves the privacy of the signer. Furthermore, limited verifier(s) can designate the signature to a third party or convert it into a publicly verifiable signature upon necessity. In this proposal, we first present a generic construction of convertible limited verifier signature (CLVS) into which...
متن کاملA Distributed Authentication Model for an E-Health Network Using Blockchain
Introduction: One of the most important and challenging areas under the influence of information technology is the field of health. This pervasive influence has led to the development of electronic health (e-health) networks with a variety of services of different qualities. The issue of security management, maintaining confidentiality and data integrity, and exchanging it in a secure environme...
متن کاملA Distributed Authentication Model for an E-Health Network Using Blockchain
Introduction: One of the most important and challenging areas under the influence of information technology is the field of health. This pervasive influence has led to the development of electronic health (e-health) networks with a variety of services of different qualities. The issue of security management, maintaining confidentiality and data integrity, and exchanging it in a secure environme...
متن کامل