Privacy in Enterprise Identity Federation
نویسنده
چکیده
Cross-domain identity management is gaining significant interest in industry. A recent example is the Liberty Alliance’s specifications for single signon of users across a federation of enterprises. These specifications stress that the federation process is voluntary for the users and that privacy is preserved, e.g., by using pseudonyms. We evaluate the privacy of these specifications in detail. We point out ambiguities and propose a concrete privacy policy together with a few changes to the Liberty processing rules. Our analysis demonstrates that identitymanagement policies are non-trivial even in a limited context. We also discuss how such low-tech proposals from industry relate to high-tech privacy-enhancing proposals from the research community.
منابع مشابه
Privacy in enterprise identity federation - policies for Liberty 2 single sign on
Cross-domain identity management is gaining significant interest in industry. A wellknown example is the Liberty Alliance’s specifications for single signon of web users across different enterprises. The Liberty Alliance stresses that account linking is voluntary for the users and that privacy is an important consideration. We evaluate the privacy of these specifications in detail. We point out...
متن کاملMulti-Tenancy Authorization System with Federated Identity for Cloud-Based Environments Using Shibboleth
The services provided in clouds may represent an increase in the efficiency and effectiveness in the operations of the enterprise business, improving the cost-effectiveness related to services and resources consumption. However, there is concern about the privacy of data, since such data are outside the client’s domain. For these services to be effectively enjoyed by organizations it is necessa...
متن کاملEnhancing Consumer Privacy in the Liberty Alliance Identity Federation and Web Services Frameworks
Internet usage has been growing significantly, and the issue of online privacy has become a correspondingly greater concern. Several recent surveys show that users’ concern about the privacy of their personal information reduces their use of electronic businesses and Internet services; furthermore, many users choose to provide false data in order to protect their real identities. Identity feder...
متن کاملOrganising Federated Identity in Finnish Higher Education
Finnish higher education has been an early adopter of federated identity in Europe. The Finnish Haka federation is deploying Shibboleth, federating software by Internet2. This paper describes the federation as an organisational entity and explains how privacy issues are taken into account in its policy. Differences between the Haka federation and some other federations are pointed out. The main...
متن کامل