Abstract
Increasingly complex networks and distributed services entail new challenges concerning interoperability and integration of security mechanisms. The currently available solutions, e.g. directory services or distributed authentication systems have disadvantages that can be overcome by a new approach based on mapping identities. Identity mapping allows assigning the identity of one human to different users in various systems. The security features of every system can be fully used and no common denominator limits the power of a single system. This paper’ describes the different types of mappings that are necessary to implement such a system. Mappings cannot occur only on a user-user basis but also roles and groups have to be considered to correctly represent modern security issues.
The original version of this chapter was revised: The copyright line was incorrect. This has been corrected. The Erratum to this chapter is available at DOI: 10.1007/978-0-387-35515-3_53
Chapter PDF
Similar content being viewed by others
References
Castano S., Fugini M., Mertella G., Samarati P. (1995) Database Security,Addison-Wesley.
Kohl J., Neuman C. (1993) The Kerberos Network Authentication Service, RFC 1510.
McMahon P.V. (1994) SESAME V2 Public Key and Authorization Extensions to Kerberos, ISOC Symposium.
Oppliger R. (1998) Internet and Intranet Security. Artech Haus Publishers, Norwood, MA, 1998. ISBN 0–89006–829–1.
Sandhu R.S., Coyne E.J (1996) Role-Based Access Control Models, IEEE Computer, Vol. 29, No. 2, Feb. 1996.
Sandhu R.S., Samarati P. (1996) Authentication, Access Control, and Audit. ACM Computing Surveys, Vol. 28, No. 1, March 1996.
Schneier B. (1996) Applied Cryptography,2nd Ed., John Wiley & Sons, 1996. ISBN 3–89319854–7.
Steiner J.G., Neuman C., Schiller J.I. (1988) Kerberos: An Authentication Service for Open Network Systems. Proc. Winter 1988 Usenix Conference, 1988.
Wahl M., Howes T., Kille S. (1997) Lightweight Directory Access Protocol (v3), RFC 2251, 1997.
Wiederhold G. (1992) Mediators in the Architecture of Future Information Systems. IEEE Computer, Vol. 25, No. 3, pp. 38–49, March 1992.
X.500 (1997) Information technology— Open systems Interconnection — The Directory: Overview of concepts, models and services, International Telecommunication Union (ITU), 1997.
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2000 IFIP International Federation for Information Processing
About this paper
Cite this paper
Essmayr, W., Weippl, E. (2000). Identity Mapping. In: Qing, S., Eloff, J.H.P. (eds) Information Security for Global Information Infrastructures. SEC 2000. IFIP — The International Federation for Information Processing, vol 47. Springer, Boston, MA. https://doi.org/10.1007/978-0-387-35515-3_9
Download citation
DOI: https://doi.org/10.1007/978-0-387-35515-3_9
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4757-5479-7
Online ISBN: 978-0-387-35515-3
eBook Packages: Springer Book Archive