Improving the scalability of identity federations through level of assurance management automation
Authors
Abstract
Access to remote IT services through identity federations (IFs) has solid technical foundations such as the Security Assertion Markup Language (SAML). However, reliable delegated user authentication and authorization also pose organizational challenges regarding the quality management of user data. Level of Assurance (LoA) concepts have been adapted and applied to IFs, but their inhomogeneous proliferation bears the risk of aggravating instead of simplifying the manual work steps required for providing IT services for multiple or dynamically set up IFs. This paper presents a novel LoA management approach that has been designed for a high degree of automation and gives an outlook to its application based on the GÉANT-TrustBroker toolchain.
Similar resources
Presenting an Executive Model for Improving the Performance of Sports Federations
Background. Considering the position and importance of sports federations in Iran and their very important duties and dependence on the Ministry of Sports and Youth in terms of financial resources, they must be responsive to their performance in providing services and implementing their programs. The duties are namely the development and promotion of sports at the public and championship levels...
Management Architecture for Dynamic Federated Identity Management
We present the concept and design of Dynamic Automated Metadata Exchange (DAME) in Security Assertion Markup Language (SAML) based user authentication and authorization infrastructures. This approach solves the real-world limitations in scalability of pre-exchanged metadata in SAML-based federations and inter-federations. The user initiates the metadata exchange on demand, therefore reducing th...
Risk-based Dynamic Access Control for a Highly Scalable Cloud Federation
Cloud Computing is already a successful paradigm for distributed computing and is still growing in popularity. However, many problems still linger in the application of this model and some new ideas are emerging to help leverage its features even further. One of these ideas is the cloud federation, which is a way of aggregating different clouds to enable the sharing of resources and increase sc...
Towards Privacy-preserving Attribute Aggregation in Federated eID Systems
In: S. España, M. Ivanović, M. Savić (eds.): Proceedings of the CAiSE’16 Forum at the 28th International Conference on Advanced Information Systems Engineering, Ljubljana, Slovenia, 13-17.6.2016, published at http://ceur-ws.org Abstract. During the past years, achieving interoperability, i.e. creating identity federations, between different eID systems has gained relevance. A key problem of ide...
Employing Ontology-Alignment and Locality-Sensitive Hashing to Improve Attribute Interoperability in Federated eID Systems
Achieving interoperability, i.e. creating identity federations between different Electronic identities (eID) systems, has gained relevance throughout the past years. A serious problem of identity federations is the missing harmonization between various attribute providers (APs). In closed eID systems, ontologies allow a higher degree of automation in the process of aligning and aggregating attr...