Assurance for federated identity management

نویسندگان

  • Adrian Baldwin
  • Marco Casassa Mont
  • Yolanta Beres
  • Simon Shiu
چکیده

Federated Identity Management is an emerging paradigm that is rightly getting a lot of standardization and research attention. One aspect that is not receiving enough attention is assurance. Given the challenges enterprises faced trying to demonstrate appropriate control of their internal and monolithic identity management systems, the problem of how to provide assurance to multiple stakeholders that controls, operations and technologies that cut across organisational boundaries, are appropriately mitigating risk, looks daunting. The paper provides an exposition of the assurance process, how it applies to identity management and particularly to federated identity management. Our contribution is to show technology can be used to overcome many of trust, transparency and information reconciliation problems. Specifically we show how declarative assurance models can orchestrate and automate much of the assurance work, how certain enforcement technologies can radically improve identity assurance, and how an assurance framework can provide a basis for judging the assurance value of security technologies.

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

منابع مشابه

Federated Identity Management

This paper addresses the topic of federated identity management. It discusses in detail the following topics: what is digital identity, what is identity management, what is federated identity management, Kim Cameron’s 7 Laws of Identity, how can we protect the user’s privacy in a federated environment, levels of assurance, some past and present federated identity management systems, and some cu...

متن کامل

Information Assurance in Federated Identity Management: Experimentations and Issues

Identity management has been recently considered to be a viable solution for simplifying user management across enterprise applications. When users interact with services on the Internet, they often tailor the services in some way for their personal use through their personalized accounts and preferences. The network identity of each user is the global set of such attributes constituting the va...

متن کامل

Improving the scalability of identity federations through level of assurance management automation

Access to remote IT services through identity federations (IFs) has solid technical foundations such as the Security Assertion Markup Language (SAML). However, reliable delegated user authentication and authorization also pose organizational challenges regarding the quality management of user data. Level of Assurance (LoA) concepts have been adapted and applied to IFs, but their inhomogeneous p...

متن کامل

Digital Identity Protection - Concepts and Issues

Tools and techniques for digital identity management represent an important technology for enabling transactions and interactions across the Internet. Because identity information is often privacy sensitive, it is important that suitable privacy and security techniques be adopted for its protection. In this paper we discuss relevant concepts and issues and survey an approach based on the notion...

متن کامل

Towards Improved Federated Identity and Privilege Management in Open Systems

1. Motivation The ability to federate identity across organizations while maintaining access rights and privileges poses a major challenge [5]. The solution is federated identity and privilege management. However, almost all well-known such schemes have their drawbacks. Additionally, the development of Web-based federated identity solutions has advanced more rapidly as compared to the Web-based...

متن کامل

ذخیره در منابع من


  با ذخیره ی این منبع در منابع من، دسترسی به آن را برای استفاده های بعدی آسان تر کنید

برای دانلود متن کامل این مقاله و بیش از 32 میلیون مقاله دیگر ابتدا ثبت نام کنید

ثبت نام

اگر عضو سایت هستید لطفا وارد حساب کاربری خود شوید

عنوان ژورنال:
  • Journal of Computer Security

دوره 18  شماره 

صفحات  -

تاریخ انتشار 2010