An Identity-matching Process to Strengthen Trust in Federated-identity Architectures

Marillonnet, Paul; Ates, Mikaël; Laurent, Maryline; Kaaniche, Nesrine

doi:10.5220/0009828401420154

Cited by 1 publication

(3 citation statements)

References 0 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…It is of utmost importance that the collected PII from different sources for one user do actually belong to that user. In order to enforce this user uniqueness, the PII may rely on several possibilities, be it either a unique official identity sources such as France Connect, or automated mapping as presented in [19].…”

Section: User Identifier Mappingmentioning

confidence: 99%

“…e process used to derive these pseudonyms can rely on nonreversible pseudonyms' identifier generation as presented in Chapter 8.1 in [1]. e target service then receives a pseudonym with a set of human-readable information that serves as input for the identity-matching procedure, as presented in Chapter 5 in [19].…”

Section: User Identifier Mappingmentioning

confidence: 99%

“…e necessity to deal with remote sources providing user PII led to propositions regarding identitymatching issues [19].…”

Section: Introductionmentioning

confidence: 99%

See 2 more Smart Citations

An Efficient User-Centric Consent Management Design for Multiservices Platforms

Marillonnet

Ates²,

Laurent

et al. 2021

Security and Communication Networks

Self Cite

View full text Add to dashboard Cite

This paper presents an efficient user-centric consent management system to access online services of the Territorial Collectivities and Public Administration (TCPA) as well as user-authorized third parties. It defines a novel PII manager that supports a set of sources obeying to different authorization and PII retrieval protocols. This contribution is motivated by the necessity to interface TCPA services with remote sources that provide Personally Identifiable Information (PII). Hence, the originality of our solution is multifold. First, the burden for enforcing the interoperability between the sources and the TCPA services collecting the PII is reduced from the point of view of the user, the administrator of the User-Relationship Management (URM) platform, and the territorial agent responsible for processing the user’s queries. Second, it defines a unified consent model supporting four types of sources. Third, it goes into details of practical implementations. Fourth, the relevance of the proposed PII manager for a relevant TCPA use case is demonstrated through a functional analysis.

show abstract

Section: User Identifier Mappingmentioning

confidence: 99%

Section: User Identifier Mappingmentioning

confidence: 99%