Title :
A Peer-to-Peer Federated Authentication System
Author :
Kang, Myong H. ; Khashnobish, Amitabh
Author_Institution :
Inf. Technol. Div., Naval Res. Lab., Washington, DC
Abstract :
A federated identity management system extends identity information across multiple security domains. It is an enabler for sharing information and services among organizations while respecting the authorization decisions of each organization. Federation can be realized in two ways: (1) Conventional federation that is based on a multilateral agreement among participants and (2) peer-to-peer (P2P) federation that is based on bilateral agreements. In this paper, we introduce a P2P federated authentication system based on the OASIS security assertion markup language (SAML) version 2.0 standard. The P2P federation model is simpler and more flexible than the conventional federation model even though managing peer relationships becomes a burden if the number of peers gets unmanageably large. The conventional federation model and P2P federation model are not mutually exclusive. The two models can co-exist and interoperate.
Keywords :
high level languages; message authentication; peer-to-peer computing; OASIS security assertion markup language; conventional federation; federated identity management system; peer-to-peer federated authentication system; Authentication; Authorization; Buildings; Identity management systems; Information management; Information security; Information technology; Markup languages; Peer to peer computing; Protocols; Identity management; Security;
Conference_Titel :
Information Technology: New Generations, 2009. ITNG '09. Sixth International Conference on
Conference_Location :
Las Vegas, NV
Print_ISBN :
978-1-4244-3770-2
Electronic_ISBN :
978-0-7695-3596-8
DOI :
10.1109/ITNG.2009.159
