A New User-Centric Identity Management Infrastructure for Federated Systems
In today’s Information Systems, users present credentials with local significance, to be authenticated and gain access to internal functionality. Users have different login-password combinations for each online service, or even different credentials for different roles within a service. As a result they tend to make poor password choices that are easy to remember, or even repeat the same login-password information on different services. This poses security threats to service providers and a privacy risk for end-users. The solution is to shift to identity management systems. Such a system will issue a digital identity for every user and will be able to control the full life-cycle of these identities, from creation to termination. Another aspect of such a system is the single sign-on mechanism, whereby a single action of user authentication and authorization can permit the user to access multiple services. The benefits are improved security, accountability and privacy protection.
Keywords: Identity Management, Trusted Third Party, Federate System, Service Mediator, Identity Provider