Policy-Based Integration of User and Provider-Sided Identity Management

  • Wolfgang Hommel
Part of the Lecture Notes in Computer Science book series (LNCS, volume 3995)


Identity Management (IM) has traditionally meant different things depending on whether users or providers perform it. For users, IM means choosing between one's own identities and roles in order to make selected personal information available to providers with privacy in mind. For providers, IM typically consists of centralized identity data repositories and their use by the offered services. Methods and tools for both aspects of IM have developed almost orthogonally, failing to consider their interoperability and complementary purposes. We analyze the similarities between both IM aspects and demonstrate how both sides can benefit from a common policy language for personal information release and service provisioning. We derive criteria for this common policy language, demonstrate XACML's suitability and discuss our prototype for the Shibboleth IM system.


Keywords: Access Control Policy Language Identity Management User Attribute Identity Data





Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Wolfgang Hommel, Munich Network Management Team, Leibniz Supercomputing Center, Munich, Germany
