On the study of trusted information exchange services based on authentication policy extension

The substantiate experimental study of private information box project of Japanese e-Government proved the effectiveness of the New Authentication Extension Technology to combine different social infrastructures to create new Secure services between Public Sector and Private Sector(Citizen). Though there are still issues to cope with outside of the realm of technology including accountability of each participants and the level of the service, OpenID and SAML are key federated identity protocols. Both SAML and OpenID define mechanisms in support of expressing assurance information on protocol messages, respectively Authentication Context and the Provider Authentication Policy Extension (PAPE). In deployment scenarios that require proxying from one of the protocols to the other, it becomes necessary to map to and from the corresponding assurance mechanisms. This paper provides theoretical and experimental study on this mapping and related issues.