A Federated Model for Secure Web-Based Videoconferencing
نویسندگان
چکیده
This paper describes efforts underway within Internet2 to create a secure federated IP based videoconferencing model. The objective is to create an environment that is user-friendly, ensures user privacy, and simplifies user management. This model makes use of the Session Initiation Protocol (SIP) as the underlying session establishment protocol. Since the session can (and most often will) be between domains, securing the process will involve inter-realm authentication and authorization, which gives rise to host of issues such as user privacy and authorization granularity. To address this issue, we make use of a federated trust model for sharing resources based on Shibboleth and the Security Assertion Markup Language (SAML), an XML-based security standard that describes the format and exchange of authentication and authorization information, such as identity, attributes, and artifacts.
منابع مشابه
Using Secure Web Services to Visualize Poison Center Data for Nationwide Biosurveillance: A Case Study
OBJECTIVES Real-time surveillance systems are valuable for timely response to public health emergencies. It has been challenging to leverage existing surveillance systems in state and local communities, and, using a centralized architecture, add new data sources and analytical capacity. Because this centralized model has proven to be difficult to maintain and enhance, the US Centers for Disease...
متن کاملSecure Communication Infrastructure for Object Repositories and Web Services
In this paper we present the design and implementation of a lightweight security infrastructure, for the federated security, that enables organization to share resources based on the trust federation between several organizations. The infrastructure consists of an augmented security layer placed on top of the Web Service protocol. The solution utilizes the latest WS-Security specifications and,...
متن کاملBrowser-based identity federation
Given the increasing popularity of Web 2.0 applications, web-based three-party authentication gets more and more important. Identity federation fulfills this requirement through standardized protocols that authenticate Web users across trust domains. This thesis considers the problem of secure authentication by browser-based identity federation. This special class of identity federation only us...
متن کاملTLS-Federation - a Secure and Relying-Party-Friendly Approach for Federated Identity Management
Federated Single-Sign-On using web browsers as User Agents becomes increasingly important. However, current proposals require substantial changes in the implementation of the Relying-Party, and concentrate on functionality rather than security against real-world attacks like Cross Site Scripting (XSS) and Pharming. We therefore propose a different approach based on Transport Layer Security (TLS...
متن کاملNotarized Federated Identity Management for Web Services
We propose a notarized federated identity management model that supports efficient user authentication when providers are unknown to each other. Our model introduces a notary service, owned by a trusted third-party, to dynamically notarize assertions generated by identity providers. An additional feature of our model is the avoidance of direct communications between identity providers and servi...
متن کامل