STORRE
STORRE: Stirling Online Research Repository
Please use this identifier to cite or link to this item:
http://hdl.handle.net/1893/25306| Appears in Collections: | Computing Science and Mathematics Conference Papers and Proceedings |
| Peer Review Status: | Refereed |
| Author(s): | Ferdous, Md Sadek Chowdhury, Farida Poet, Ron |
| Contact Email: | fch@cs.stir.ac.uk |
| Title: | A hybrid model of attribute aggregation in federated identity management |
| Editor(s): | Chang, V Ramachandran, M Walters, R Wills, G |
| Citation: | Ferdous MS, Chowdhury F & Poet R (2017) A hybrid model of attribute aggregation in federated identity management. In: Chang V, Ramachandran M, Walters R & Wills G (eds.) Enterprise Security. Lecture Notes in Computer Science, 10131. Enterprise Security Second International Workshop, ES 2015, Vancouver, BC, Canada, 30.11.2015-03.12.2015. Cham, Switzerland: Springer, pp. 120-154. https://doi.org/10.1007/978-3-319-54380-2_6 |
| Issue Date: | 2017 |
| Date Deposited: | 5-May-2017 |
| Series/Report no.: | Lecture Notes in Computer Science, 10131 |
| Conference Name: | Enterprise Security Second International Workshop, ES 2015 |
| Conference Dates: | 2015-11-30 - 2015-12-03 |
| Conference Location: | Vancouver, BC, Canada |
| Abstract: | The existing model of Federated Identity Management (FIM) allows a user to provide attributes only from a single Identity Provider (IdP) per service session. However, this does not cater to the fact that the user attributes are scattered and stored across multiple IdPs. An attribute aggregation mechanism would allow a user to aggregate attributes from multiple providers and pass them to a Service Provider (SP) in a single service session which would enable the SP to offer innovative service scenarios. Unfortunately, there exist only a handful of mechanisms for aggregating attributes and most of them either require complex user interactions or are based on unrealistic assumptions. In this paper, we present a novel approach called the Hybrid ModelĀ for aggregating attributes from multiple IdPs using one of the most popular FIM technologies: Security Assertion Markup Language (SAML). We present a thorough analysis of different requirements imposed by our proposed approach and discuss how we have developed a proof of concept using our model and what design choices we have made to meet the majority of these requirements. We also illustrate two use-cases to elaborate the applicability of our approach and analyse the advantages it offers and the limitations it currently has. |
| Status: | AM - Accepted Manuscript |
| Rights: | Published in: Chang V., Ramachandran M., Walters R., Wills G. (eds) Enterprise Security (2017). Lecture Notes in Computer Science, vol 10131. Springer, Cham The final publication is available at Springer via http://dx.doi.org/10.1007/978-3-319-54380-2_6 |
Files in This Item:
| File | Description | Size | Format | |
|---|---|---|---|---|
| AttributeAggregation_ESSB.pdf | Fulltext - Accepted Version | 1.11 MB | Adobe PDF | View/Open |
This item is protected by original copyright |
Items in the Repository are protected by copyright, with all rights reserved, unless otherwise indicated.
The metadata of the records in the Repository are available under the CC0 public domain dedication: No Rights Reserved https://creativecommons.org/publicdomain/zero/1.0/
If you believe that any material held in STORRE infringes copyright, please contact library@stir.ac.uk providing details and we will remove the Work from public display in STORRE and investigate your claim.