The University Public Key Infrastructure (UPKI) project in Japan is developing a national academic inter-institution authentication and authorization infrastructure based on the Public Key Infrastructure (PKI), and it is carrying out a feasibility study on SAML 2.0 federation by building a Shibboleth2.x test-bed called UPKI-Fed with about thirty university participants.Federation usually provides a discovery service (DS, previously called WAYF) to a user since he/she needs to select his/her identity provider (IdP). This IdP selection becomes a serious problem as the number of IdP grows.We solved this problem for a user using client certificate authentication by developing a DS plug-in called DS-PKI Plug-In to leverage securely stored information in a PKI certificate.
Identity Proofing -providing a digital identifier bound to a real-world entity -is effective against identity theft, which is a serious problem for cyber security. In-person interaction with an applicant is the basis of identity proofing, but that is only effective when all applicants are located near a registration authority (RA) which is responsible for verifying some or all of the applicant's identity information. Since that requirement can be hard to fulfill, especially in distributed organizations, the RA has two conventional types: local and remote. A quantitative evaluation model of system operation costs for RAs would allow an organization to determine the most appropriate RA type or combination of types for the topology of their situation. In this paper, we propose a cost structure model for various different cost factors, such as the access cost to an authoritative source, and the number of RA operators. Our model provides two major contributions: a tool for optimizing the costperformance of a system that is determined by the choice of RA type and a quantitative method for evaluating and comparing existing systems.
scite is a Brooklyn-based organization that helps researchers better discover and understand research articles through Smart Citations–citations that display the context of the citation and describe whether the article provides supporting or contrasting evidence. scite is used by students and researchers from around the world and is funded in part by the National Science Foundation and the National Institute on Drug Abuse of the National Institutes of Health.