Integrating user Identity Management systems with the Host Identity Protocol

Identity management (IdM) on the application layer improves the usability and security for end users by offering features like single sign-on and attribute provisioning. Unrelated approaches on the network layer introduce identity concepts to solve mobility problems and support multihoming. This paper describes a novel approach to the integration of IdM on the application layer with identity concepts introduced by the host identity protocol (HIP). We propose an integrated architecture combining the advantages of both domains. In this scope, we tackle the mapping between the HIP namespace and user IdM namespace as well as we the management and assignment of user and host identities. The new architecture provides a unified view over user and host identities, enabling the exchange of user and host attributes, while it also provides enhanced security and network features.