Notarized federated ID management and authentication
نویسندگان
چکیده
We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and service providers, which provides improved privacy protection for users. We present an efficient implementation of our notarized federated identity management model based on the Secure Transaction Management System (STMS). We also give a practical solution for mitigating aspects of the identity theft problem and discuss its use in our notarized federated identity management model. The unique feature of our cryptographic solution is that it enables one to proactively prevent the leaking of secret identity information.
منابع مشابه
Multi Notarized Identity Management in Cloud using Level based Cryptography
Cloud computing is a recently developed with a new technology for complex systems with massivescale services sharing among numerous users. Today most cloud computing system use asymmetric and traditional public key cryptography to provide data security and mutual authentication. Federated Identity Management is a secure single sign-on process between each other and it can enable the portability...
متن کاملNotarized Federated Identity Management for Web Services
We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and servi...
متن کاملSimulation Study of Different Authentication Protocols Used for Federated Identity Management in Cloud
rganizations needed a way to unify authentication systems in the enterprise for easier management and better security. Single-sign-on was widely adopted and provided a solution for keeping one repository of usernames and passwords that could be used transparently across several internal applications. After analyzing various issues regarding authentication of user’s in federated systems we have ...
متن کاملStrengthen Cloud Computing Security with Federal Identity Management Using Hierarchical Identity-Based Cryptography
More and more companies begin to provide different kinds of cloud computing services for Internet users at the same time these services also bring some security problems. Currently the majority of cloud computing systems provide digital identity for users to access their services, this will bring some inconvenience for a hybrid cloud that includes multiple private clouds and/or public clouds. T...
متن کاملUnified Authentication Scheme Based on IBE in Trusted Network
The existing unified authentication schemes are based on Public Key Infrastructure (PKI)/Privilege Management Infrastructure (PMI), WS-Security, Kerberos etc. But they can't support the developing Trusted Network Connect (TNC) environment. To solve the problem, a unified authentication scheme supporting multi-authentication modes based on Identity-Based Encryption (IBE) in trusted network named...
متن کاملذخیره در منابع من
با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید
برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید
ثبت ناماگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید
ورودعنوان ژورنال:
- Journal of Computer Security
دوره 16 شماره
صفحات -
تاریخ انتشار 2008