A Survey of Security Analysis in Federated Identity Management
نویسندگان
چکیده
We conduct a survey of security analysis in Federated Identity Management (FIM). We use the Malicious and Accidental Fault Tolerance framework (MAFTIA) to categorise security incidents in FIM. When security incidents are categorised using MAFTIA we can paint a picture of the landscape of problems that have been studied in FIM. We state common failure paths of FIM systems and how FIM systems can be protected from those failures.
منابع مشابه
Options and Issues in Federated Identity Management
D espite aging and psychological and cosmetic changes, who you are as a person is fairly constant—Eve and Drummond will remain Eve and Drummond over time. The same isn’t true of your digital identity. Currently, eve@ xmlgrrl.com is tied to Eve, for example, but might later be tied to someone else or disappear entirely. This is just one of the challenges people have with digital identities. Fede...
متن کاملTraceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management
Digital identity is defined as the digital representation of the information known about a specific individual or organization. An emerging approach for protecting identities of individuals while at the same time enhancing user convenience is to focus on inter-organization management of identity information. This is referred to as federated identity management. In this paper we develop an appro...
متن کاملTraceable and Automatic Compliance of Privacy Policies in Federated Digital Identity Management
Digital identity is defined as the digital representation of the information known about a specific individual or organization. An emerging approach for protecting identities of individuals while at the same time enhancing user convenience is to focus on inter-organization management of identity information. This is referred to as federated identity management. In this paper we develop an appro...
متن کاملEvaluation of Unified Security, Trust and Privacy Framework (UnifiedSTPF) for Federated Identity and Access Management (FIAM) Mode
Federated identity and access management systems such as Shibboleth may symbolize a boost: (i) to bring the efficiency and effectiveness in collaboration for governments, enterprises and academia, and (iii) conserve the home domain user's identity privacy in a privacy-enhanced fashion. However, the consternation is about the absence of a trusted computing based mutual trust and security es...
متن کاملFormal Analysis of Information Card Federated Identity - Management Protocol ∗
Information Card (InfoCard) is a usercentric identity management metasystem. It has been accepted as a standard of OASIS Identity Metasystem Interoperability Technical Committee. However, there is currently a lack of security analysis to InfoCard protocol, especially, with formal methods. In this paper, we accommodate such a requirement by analyzing security properties of InfoCard protocol adop...
متن کامل