A New User-Centric Identity Management Infrastructure for Federated Systems

  • Vassilis Poursalidis
  • Christos Nikolaou
Conference paper
Part of the Lecture Notes in Computer Science book series (LNCS, volume 4083)


In today’s Information Systems, users present credentials with local significance, to be authenticated and gain access to internal functionality. Users have different login-password combinations for each online service, or even different credentials for different roles within a service. As a result they tend to make poor password choices that are easy to remember, or even repeat the same login-password information on different services. This poses security threats to service providers and a privacy risk for end-users. The solution is to shift to identity management systems. Such a system will issue a digital identity for every user and will be able to control the full life-cycle of these identities, from creation to termination. Another aspect of such a system is the single sign-on mechanism, whereby a single action of user authentication and authorization can permit the user to access multiple services. The benefits are improved security, accountability and privacy protection.


Identity Management Trusted Third Party Federate System Service Mediator Identity Provider 
These keywords were added by machine and not by the authors. This process is experimental and the keywords may be updated as the learning algorithm improves.


Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.


  1. 1.
    Bajaj, S., et al.: Web Services Federation Language (WS-Federation). IBM Corporation et al., Specification Document (July 2003)Google Scholar
  2. 2.
    Hodges, J., Wason, T.: Liberty Architecture Overview. Liberty Alliance, White Paper (January 2003)Google Scholar
  3. 3.
    Brown, K.: Security Briefs: Step-by-Step Guide to InfoCard, http://msdn.microsoft.com//msdnmag/issues/06/05/securitybriefs/default.aspx
  4. 4.
  5. 5.
    Windley, P.: Digital Identity. O’Reilly, Sebastopol,California (2005)Google Scholar
  6. 6.
    Gladman, B., Ellison, C., Bohm, N.: Digital Signatures, Certificates and Electronic Commerce (April 1999)Google Scholar
  7. 7.
    Pfitzmann, B., Waidner, M.: Anonymity, Unobservability, Pseudonymity, and Identity Management - A proposal for terminology. Tu Dresden, Department of Computer Science Technical report (2004)Google Scholar
  8. 8.
    Buell, A.D., Sandhu, R.: Identity Management. IEEE Internet Computing, 26–28 (November 2003)Google Scholar
  9. 9.
    Hansen, M., Berlich, P., Camenisch, J., Claub, S., Pfitzmann, B., Waidner, M.: Privacy-Enhancing Identity Management. Information Security, vol. 9.1, pp. 35–44. Elsevier Science Press, Amsterdam (2004)Google Scholar
  10. 10.
    Marsh, S.: Identity and Authentication in the E-economy. In: Information Security, vol. 7.3, pp. 12–19. Elsevier Science Press, Amsterdam (2003)Google Scholar
  11. 11.
    Damiani, E., Vimercati, S., Samarati, P.: Managing Multiple and Dependable Identities. IEEE Internet Computing, 29–36 (December 2003)Google Scholar
  12. 12.
    Poursalidis, V.: Identity Management Infrastructure for the Digital World, Master’s Thesis, University of Crete (2005)Google Scholar

Copyright information

© Springer-Verlag Berlin Heidelberg 2006

Authors and Affiliations

  • Vassilis Poursalidis
    • 1
  • Christos Nikolaou
    • 1
  1. 1.Computer Science DepartmentUniversity of CreteHeraklion CreteGreece

Personalised recommendations