Context Based Enforcement of Authorization for Privacy and Security in Identity Management
نویسندگان
چکیده
Protecting the identity of an individual is a shared responsibility between the individual, the organizations with whom the individual will be transacting during her life time, and the state of which the individual is a legal resident. Identity theft occurs when someone uses an individual’s personal information without the knowledge of the individual to commit a crime, such as fraud or theft. Of late identity theft has become one of the fastest growing crimes, not only in western countries but also in developing countries where internet dominates business, financial transactions of big organizations, and social activities of individuals. In this paper we discuss a context based enforcement of authorization to protect the privacy of individuals and secure information about them stored in large identity management systems.
منابع مشابه
A Framework for Composition and Enforcement of Privacy-aware and Context-driven Authorization Mechanism for Complex Systems
Security and privacy of complex systems is a concern due to proliferation of cyber based technologies. Several researchers have pointed out that for the proper enforcement of privacy rules in a complex system, the privacy requirements should be captured in access control systems. In this paper, we present a framework for composition and enforcement of context-aware rules for such systems. The f...
متن کاملEvaluation of Unified Security, Trust and Privacy Framework (UnifiedSTPF) for Federated Identity and Access Management (FIAM) Mode
Federated identity and access management systems such as Shibboleth may symbolize a boost: (i) to bring the efficiency and effectiveness in collaboration for governments, enterprises and academia, and (iii) conserve the home domain user's identity privacy in a privacy-enhanced fashion. However, the consternation is about the absence of a trusted computing based mutual trust and security es...
متن کاملDynamic, Context-Aware Access Control for Distributed Healthcare Applications
The rapid worldwide deployment of the Internet and Web is the enabler of a new generation of e-healthcare applications, but the provision of a security architecture that can ensure the privacy and security of sensitive healthcare data is still an open question. Current solutions to this problem (mostly built on static RBAC models) are application-dependent and do not address the intricate secur...
متن کاملA Dynamic, Context-Aware Security Infrastructure
The rapid worldwide deployment of the Internet and Web is the enabler of a new generation of e-healthcare applications, but the provision of a security architecture that can ensure the privacy and security of sensitive healthcare data is still an open question. Current solutions to this problem (mostly built on static RBAC models) are application-dependent and do not address the intricate secur...
متن کاملA privacy architecture for context-aware enterprise social networks
Context information is used to derive user profiles and social networks in an enterprise system called Instant Knowledge. This system requires privacy as well as conventional information security requirements. The privacy requirements include anonymity, unlinkability, unobservability and pseudonymity; these are designed to provide privacy by default to users of an Instant Knowledge service. A p...
متن کامل