Title :
Policy-based Service Provisioning and Dynamic Trust Management in Identity Federations
Author :
Boursas, Latifa ; Hommel, Wolfgang
Author_Institution :
Munich Network Management Team, Munich University of Technology. boursas@tum.de
Abstract :
In Federated Identity Management (FIM), user administration is decentralized: Service Providers (SPs) can request information about the users from their respective Identity Providers (IDPs). The subsequent processing of this data with respect to service provisioning and various privacy aspects are open research issues. We first specify how SPs can use provider-wide and service-specific XACML policies to enforce the required quality for the data delivered by the IDPs. Then, we demonstrate how aspects of trust and reputation management can improve the dynamics of Identity Federations and enhance the end users´ privacy. We also extend the identity-centric request-response model of today´s FIM protocols by group queries and demonstrate their application. Finally, we introduce our prototype and its integration into the Shibboleth FIM software.
Keywords :
Access control; Application software; Authentication; Authorization; Data privacy; Identity management systems; Markup languages; Project management; Protocols; Technology management;
Conference_Titel :
Communications, 2006. ICC '06. IEEE International Conference on
Conference_Location :
Istanbul
Print_ISBN :
1-4244-0355-3
Electronic_ISBN :
8164-9547
DOI :
10.1109/ICC.2006.255124
