Managing Dynamic Identity Federations using Security Assertion Markup Language

Abstract Security Assertion Markup Language is one of the most widely used technologies to enable Identity Federations among different organisations. Despite its several advantages, one of its key disadvantages is that it does not allow creating a federation in a dynamic fashion to enable service pr...

Descripción completa

Guardado en:
Detalles Bibliográficos
Autores principales: Ferdous,Sadek, Poet,Ron
Lenguaje:English
Publicado: Universidad de Talca 2015
Acceso en línea:http://www.scielo.cl/scielo.php?script=sci_arttext&pid=S0718-18762015000200005
Etiquetas: Agregar Etiqueta
Sin Etiquetas, Sea el primero en etiquetar este registro!
id oai:scielo:S0718-18762015000200005
record_format dspace
spelling oai:scielo:S0718-187620150002000052018-10-12Managing Dynamic Identity Federations using Security Assertion Markup LanguageFerdous,SadekPoet,Ron Abstract Security Assertion Markup Language is one of the most widely used technologies to enable Identity Federations among different organisations. Despite its several advantages, one of its key disadvantages is that it does not allow creating a federation in a dynamic fashion to enable service provisioning (or de-provisioning) in real time. A few approaches have been proposed to rectify this problem. However, most of them require elaborate changes of the language and do not provide mechanisms to manage federations dynamically. This paper presents a better approach based on an already drafted Security Assertion Markup Language Profile and requires no change in its specification, rather it depends on the specific implementation. Our proposed approach covers all aspects regarding the management of dynamic Identity Federation. It will allow users to create federations dynamically between two prior unknown organisations and will allow them to manage such federations as long as it is required. Implicit in each identity federation is the issue of trust. Therefore, the trust issues involved in the management of dynamic federations are analysed in details. Finally, a proof of concept is discussed with a few use-cases to elaborate the practicality of our approach.info:eu-repo/semantics/openAccessUniversidad de TalcaJournal of theoretical and applied electronic commerce research v.10 n.2 20152015-05-01text/htmlhttp://www.scielo.cl/scielo.php?script=sci_arttext&pid=S0718-18762015000200005en10.4067/S0718-18762015000200005
institution Scielo Chile
collection Scielo Chile
language English
description Abstract Security Assertion Markup Language is one of the most widely used technologies to enable Identity Federations among different organisations. Despite its several advantages, one of its key disadvantages is that it does not allow creating a federation in a dynamic fashion to enable service provisioning (or de-provisioning) in real time. A few approaches have been proposed to rectify this problem. However, most of them require elaborate changes of the language and do not provide mechanisms to manage federations dynamically. This paper presents a better approach based on an already drafted Security Assertion Markup Language Profile and requires no change in its specification, rather it depends on the specific implementation. Our proposed approach covers all aspects regarding the management of dynamic Identity Federation. It will allow users to create federations dynamically between two prior unknown organisations and will allow them to manage such federations as long as it is required. Implicit in each identity federation is the issue of trust. Therefore, the trust issues involved in the management of dynamic federations are analysed in details. Finally, a proof of concept is discussed with a few use-cases to elaborate the practicality of our approach.
author Ferdous,Sadek
Poet,Ron
spellingShingle Ferdous,Sadek
Poet,Ron
Managing Dynamic Identity Federations using Security Assertion Markup Language
author_facet Ferdous,Sadek
Poet,Ron
author_sort Ferdous,Sadek
title Managing Dynamic Identity Federations using Security Assertion Markup Language
title_short Managing Dynamic Identity Federations using Security Assertion Markup Language
title_full Managing Dynamic Identity Federations using Security Assertion Markup Language
title_fullStr Managing Dynamic Identity Federations using Security Assertion Markup Language
title_full_unstemmed Managing Dynamic Identity Federations using Security Assertion Markup Language
title_sort managing dynamic identity federations using security assertion markup language
publisher Universidad de Talca
publishDate 2015
url http://www.scielo.cl/scielo.php?script=sci_arttext&pid=S0718-18762015000200005
work_keys_str_mv AT ferdoussadek managingdynamicidentityfederationsusingsecurityassertionmarkuplanguage
AT poetron managingdynamicidentityfederationsusingsecurityassertionmarkuplanguage
_version_ 1714202220084330496