Core Structure Elements Architectures to Facilitate Construction and Secure Interconnection of Mobile Services Frameworks and Advanced IAM Systems

  • Athanasios Karantjias
  • Nineta Polemi
Part of the Lecture Notes of the Institute for Computer Sciences, Social Informatics and Telecommunications Engineering book series (LNICST, volume 26)

Abstract

The impressing penetration rates of electronic and mobile networks provide the unique opportunity to organizations to provide advanced e/m-services, accelerating their entrance in the digital society, and strengthening their fundamental structure. Service Oriented Architectures (SOAs) is an acknowledged promising technology to overcome the complexity inherent to the communication among multiple e-business actors across organizational domains. Nevertheless, the need for more privacy-aware transactions raises specific challenges that SOAs need to address, including the problems of managing identities and ensuring privacy in the e/m-environment. This article presents a targeted, user-centric scalable and federated Identity Management System (IAM), calledSecIdAM, and a mobile framework for building privacy-aware, interoperable, and secure mobile applications with respect to the way that the trust relationship among the involved entities, users and SOAs, is established. Finally, it analyzes a user-transparent m-process for obtaining an authentication and authorization token, issued from the SecIdAM as integrated in the IST European programme SWEB for the public sector.

Keywords

e/m-Federation Identity and Access Management Privacy Security Cryptography 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Bertino, E., Martino, L.D.: A Service-oriented Approach to Security - Concepts and Issues. In: Eighth International Symposium on Autonomous Decentralized Systems, ISADS 2007, Sedona USA, pp. 7–16 (2007)Google Scholar
  2. 2.
    Peyton, L., Doshi, C., Seguin, P.: An audit trail service to enhance privacy compliance in federated identity management. In: Proceedings of the 2007 conference of the center for advanced studies on Collaborative research, CASCON 2007, pp. 175–187. ACM, Ontario (2007)CrossRefGoogle Scholar
  3. 3.
    Kaliontzoglou, A., Sklavos, P., Karantjias, T., Polemi, D.: A secure e-Government platform architecture for small to medium sized public organizations. Electronic Commerce Research & Applications 4(2), 174–186 (2005)CrossRefGoogle Scholar
  4. 4.
    Liberty Alliance. Liberty ID-WSF Web Services Framework Overview, version 2.0 specifications, http://www.projectliberty.org
  5. 5.
    Papastergiou, S., Karantjias, A., Polemi, D.: A Federated Privacy-Enhancing Identity Management System (FPE-IMS). In: Proceedings of the 18th Annual IEEE International Symposium on Personal, Indoor and Mobile Radio Communications, Athens (2007)Google Scholar
  6. 6.
    Lockhart, H., et al.: Web Services Federation Language (WS-Federation). Version 1.1 (December 2007)Google Scholar
  7. 7.
    SWEB IST project, Secure, interoperable, cross border m-services contributing towards a trustful European cooperation with the non-EU member Western Balkan countries, Sixth Framework Programme, IST-2006-2.6.5, http://www.sweb-project.org
  8. 8.
    Liberty Alliance Project, Liberty Alliance & WS-Federation: A Comparative Overview (2003), http://www.projectliberty.org/resources%20/whitepapers/
  9. 9.
    Goodner, M., et al.: Understanding WS-Federation, version 1.0 (2007)Google Scholar
  10. 10.
    PRIME Project, Privacy and Identity Management for Europe, European R&D Integrated Project under the FP6/IST Programme (2005), http://www.prime-project.eu.org
  11. 11.
    Meints, M., et al.: D3.1: Structured Overview on Prototypes and Concepts of Identity Management Systems (2005), http://www.fidis.net/fileadmin/fidis/deliverables%20/fidis-wp3-del3.1.overview_on_IMS.final.pdf
  12. 12.
    Rieger, S., Neumair, B.: Towards usable and reasonable Identity Management in hererogeneous IT infrastructures. In: 10th IFIP/IEEE International Symposium on Integrated Network Management – IM 2007, Munich, pp. 560–574 (2007)Google Scholar
  13. 13.
    Corradini, F., et al.: The e-Government digital credentials. International Journal of Electronic Governance (IJEG) 1(1), 17–37 (2007), http://www.inderscience.com/filter.php?aid=14341 CrossRefGoogle Scholar
  14. 14.
    Haddad, W.: Anonymity, Unlinkability, Unobservability, Pseudonymity, and Identity Management – A Consolidated Proposal for Terminology. Network Working Group, IETF Trust (2008)Google Scholar
  15. 15.
    Directive, Directive 97/66/EC of the European Parliament and of the Council of 15th December 1997 concerning the processing of personal data and the protection of privacy in the telecommunications sector. Official Journal L L 024, 0001– 0008 (1997) Google Scholar
  16. 16.
    Directive, Directive 01/45/EC of the European Parliament and the Council of Ministers on the protection of individuals with regard to the processing of personal data by the Community institutions and bodies and on the free movement of such data. Official Journal L 008, 0001– 0022 (2001)Google Scholar
  17. 17.
    SAML, Security Assertion Markup Language v.2.0 – Technical Overview. Working Draft 1.0 (2006), http://www.oasis-open.org
  18. 18.
    OASIS WSFED Technical Committee, Web Services Federation Language Version 1.2, OASIS, Working Draft (2008)Google Scholar
  19. 19.
    Pasley, J.: How BPEL and SOA Are Changing Web Services Development. IEEE Internet Computing 9(3), 60–67 (2005)CrossRefGoogle Scholar
  20. 20.
    Mule Technical Committee, “Mule 2.0”, Release Candidate 2 (2008), http://mule.mulesource.org
  21. 21.
    OASIS Web Service Secure Exchange Technical Committee, OASIS WS-Trust 1.3, OASIS Standard (2007)Google Scholar
  22. 22.
    SWEB consortium, D4.1: SWEB platform development report, European Commission, Belgium (2008)Google Scholar

Copyright information

© ICST Institute for Computer Science, Social Informatics and Telecommunications Engineering 2010

Authors and Affiliations

  • Athanasios Karantjias
    • 1
  • Nineta Polemi
    • 1
  1. 1.Informatics DepartmentUniversity of PireausPireausGreece

Personalised recommendations