Abstract
Federated Authentication and Authorization is an emerging technology with the potential to facilitate seamless access to information from a variety of providers. Within this chapter we summarize the key concepts, technologies, protocols, and national and even international structures that are being developed to support federated security. We start with the environmental drivers that are stimulating this technology to develop. We then discuss two major approaches to federated security: those based on assertion-based identity and assurance and those based on public key infrastructure. In the second part of the chapter, we discuss the three major components required for development of federated authentication systems: the representation of identity in cyberspace, the manner in which credentials or identity tokens are made available to users, and the required governance processes supporting these concepts. The chapter concludes with a brief overview of the emerging national-scale infrastructure in the form of identity federations, and we present a brief background on these initiatives and the tools and local infrastructure required for joining them.
This is a preview of subscription content, log in via an institution.
Buying options
Tax calculation will be finalised at checkout
Purchases are for personal use only
Learn about institutional subscriptionsNotes
- 1.
Or perhaps agreed upon mechanisms to allow such fabrics to be negotiated in real time, as this is an emerging area of research.
References
Burr WE, Dodson DF, Polk WT (2006) NIST Special Publication 800-63 Version 1.0.2. Electronic authentication guideline. US Department of Commerce, National Institute of Standards and Technology. http://csrc.nist.gov/publications/nistpubs/800-63/SP800-63V1_0_2.pdf. Accessed 28 September 2009
Chadwick DW (2006) Authorisation using attributes from multiple authorities. In: Proceedings of the Fifteenth IEEE international workshops on enabling technologies: infrastructure for collaborative enterprises, pp 326–331. doi:10.1109/WETICE.2006.22
Fishbein EA (1991) Ownership of research data. Acad Med 66(3):129–133
Foster I (2006) Globus toolkit version 4: software for service-oriented systems. In: IFIP international conference on network and parallel computing, LNCS 3779. Springer, Berlin, pp 2–13
Langella S, Oster S, Hastings S, Siebenlist F, Phillips J, Ervin D, Permar J, Kurc T, Saltz J (2007) The Cancer Biomedical Informatics Grid (caBIG) security infrastructure. AMIA Annual Symp Proc 2007:433–437
Loshin D (2002) Knowledge integrity: data ownership (Online) June 8, 2004. http://www.datawarehouse.com/article/?articleid=3052. Accessed March 2009
Manion FJ, Robbins RJ, Weems WA, Crowley RS (2009) Security and privacy requirements for a multi-institutional cancer research data grid: an interview-based study. BMC Med Inform Decis Mak 9:31. doi:10.1186/1472-6947-9-31
Robbins RJ, Crowley R, Weems WA, Whitney D, Ransom M, Mathew G, Olivastro D, Chisti A, Manion FJ (2007) Technical implications generated by requirements discovered in caBIG™ security, privacy, and IRB interviews. Available at http://gforge.nci.nih.gov/frs/download.php/1972/DSIC_Security_Deliverable_6.pdf
Weems WA, Robbins, RJ, Whitney D, Crowley R, Manion FJ (2007) caBIG™ Major governance and policy areas. Available at http://gforge.nci.nih.gov/frs/download.php/1975/DSIC_Security_Deliverable_13.pdf
Author information
Authors and Affiliations
Corresponding author
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2010 Springer Science+Business Media, LLC
About this chapter
Cite this chapter
Manion, F.J., Weems, W., McNamee, J. (2010). Federated Authentication. In: Ochs, M., Casagrande, J., Davuluri, R. (eds) Biomedical Informatics for Cancer Research. Springer, Boston, MA. https://doi.org/10.1007/978-1-4419-5714-6_5
Download citation
DOI: https://doi.org/10.1007/978-1-4419-5714-6_5
Published:
Publisher Name: Springer, Boston, MA
Print ISBN: 978-1-4419-5712-2
Online ISBN: 978-1-4419-5714-6
eBook Packages: MedicineMedicine (R0)