Towards dynamic trust establishment for identity federation

Almenárez, Florina; Arias, Patricia; Marín, Andrés; Díaz, Daniel

doi:10.1145/1551722.1551747

Cited by 12 publications

(15 citation statements)

References 3 publications

Supporting

Mentioning

Contrasting

Order By: Relevance

“…In [20,27] we set the basis to extend the generic trust management model called PTM (Pervasive Trust Management) [28] in order to include risk management, reputation, and SLA negotiation. Based on this, our work in [29] defines the risk computation part of the architecture, while here we focus on the reputation part.…”

Section: Outcomes Under "Nice" Conditionsmentioning

confidence: 99%

To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management

Arias-Cabarcos

Almenárez

Mármol³

et al. 2013

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

Identity Management systems cannot be centralized anymore. Nowadays, users have multiple accounts, profiles and personal data distributed throughout the web and hosted by different providers. However, the online world is currently divided into identity silos forcing users to deal with repetitive authentication and registration processes and hindering a faster development of large scale e-business. Federation has been proposed as a technology to bridge different trust domains, allowing user identity information to be shared in order to improve usability. But further research is required to shift from the current static model, where manual bilateral agreements must be pre-configured to enable cooperation between unknown parties, to a more dynamic one, where trust relationships are established on demand in a fully automated fashion. This paper presents IdMRep, the first completely decentralized reputation-based mechanism which makes dynamic federation a reality. Initial experiments demonstrate its accuracy as well as an assumable overhead in scenarios with and without malicious nodes.

show abstract

Section: Outcomes Under "Nice" Conditionsmentioning

confidence: 99%

To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management

Arias-Cabarcos

Almenárez

Mármol³

et al. 2013

Wireless Pers Commun

Self Cite

View full text Add to dashboard Cite

show abstract

“…Therefore, a service can determine the trustworthiness of an assertion based on its assurance level [26]. Additionally, a service can either obtain a dynamic trust list from a trusted third party [27] or request a trusted third party [28] to authenticate identity providers and attribute authorities to identify trustworthy identity providers and attribute authorities dynamically. Moreover, an individual may have several accounts and associated attributes in different identity providers or attribute authorities.…”

Section: Sso Fim and Fiammentioning

confidence: 99%

Efficient Consistency Achievement of Federated Identity and Access Management Based on a Novel Self-Adaptable Approach

Cha

Chang

2012

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

SUMMARYFederated identity and access management (FIAM) systems enable a user to access services provided by various organizations seamlessly. In FIAM systems, service providers normally stipulate that their users show assertions issued by allied parties to use their services as well as determine user privileges based on attributes in the assertions. However, the integrity of the attributes is important under certain circumstances. In such a circumstance, all released assertions should reflect modifications made to user attributes. Despite the ability to adopt conventional certification revocation technologies, including CRL or OCSP, to revoke an assertion and request the corresponding user to obtain a new assertion, re-issuing an entirely new assertion if only one attribute, such as user location or other environmental information, is changed would be inefficient. Therefore, this work presents a self-adaptive framework to achieve consistency in federated identity and access management systems (SAFIAM). In SAFIAM, an identity provider (IdP), which authenticates users and provides user attributes, should monitor access probabilities according to user attributes. The IdP can then adopt the most efficient means of ensuring data integrity of attributes based on related access probabilities. While Internet-based services emerge daily that have various access probabilities with respect to their user attributes, the proposed self-adaptive framework significantly contributes to efforts to streamline the use of FIAM systems. key words: federated identity and access management, federated identity and access management, single sign-on

show abstract

“…Although the present proposal is related in that it examines the authentication trust level, it focuses on evaluating the aggregated authentication level when multiple types of authentication assertions are available, by analyzing the similarity of the assertions. Alenárez et al [13] analyzed the existing identity federation frameworks and identified the drawbacks for deployment in dynamic open environments. They also proposed a SAML [2] extension for dynamic federation that dynamically establishes trust between entities.…”

Section: Related Workmentioning

confidence: 99%

Authentication Trust Metric and Assessment for Federated Identity Management Systems

Gomi

2012

IEICE Trans. Inf. & Syst.

View full text Add to dashboard Cite

Towards dynamic trust establishment for identity federation

Cited by 12 publications

References 3 publications

To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management

To Federate or Not To Federate: A Reputation-Based Mechanism to Dynamize Cooperation in Identity Management

Efficient Consistency Achievement of Federated Identity and Access Management Based on a Novel Self-Adaptable Approach

Authentication Trust Metric and Assessment for Federated Identity Management Systems

Contact Info

Product

Resources

About