Advertisement

Bridging between SAML-Based Payment and Other Identity Federation Payment Systems

  • David J. Lutz
Part of the Communications in Computer and Information Science book series (CCIS, volume 194)

Abstract

Identity Federations are increasingly being used to establish convenient and secure attribute-based authentication and authorization systems. During the last few years, a third aspect has become important within these federations: i.e., payment. Thus, several payment approaches have been designed and used in Identity Federations. However, when more than one federation is being combined into an inter-federation association, federation bridges have to be established to translate messages between the participating federations. Whilst the problem of bridging identity information between federations has already been considered in many research activities, the problem of how to bridge payment data still remains unsolved. Therefore, this paper presents a solution to bridge between a SAML-based payment enabled Identity Federation and four other kinds of payment solutions used by Identity Federations.

Keywords

Identity Federation ePayment Inter-Federation Bridges 

Preview

Unable to display preview. Download preview PDF.

Unable to display preview. Download preview PDF.

References

  1. 1.
    Lutz, D.: Payment Processes for Identity Federations: The SAML-based Payment Approach. Shaker, Aachen (2011)Google Scholar
  2. 2.
    Internet2. About Shibboleth, http://shibboleth.internet2.edu/about.html (last visited: May 9, 2009)
  3. 3.
    Maler, E., Mishra, P., Philpott, R.: Bindings and Profiles for the OASIS Security Assertion Markup Language (SAML) /security (2003), http://www.oasis-open.org/committees (last visited: May 19, 2009)
  4. 4.
    Wason, T., et al.: Liberty ID-FF Architecture Overview, http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_ff_1_2_specifications (last visited: May 19, 2009)
  5. 5.
    Cantor, S., Kemp, J., Champagne, D.: Liberty ID-FF Bindings and Protocol Specification, http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_ff_1_2_specifications (last visited: May 19, 2009)
  6. 6.
    Tourzan, J., et al.: Liberty ID-WSF Web Services Framework Overview, http://www.projectliberty.org/resource_center/specifications/liberty_alliance_id_wsf_2_0_specifications (last visited: October 13, 2009)
  7. 7.
    Lockhart, H., et al.: Web Services Federation Language (WS-Federation), Version 1.1. IBM Corporation (December 2006), http://www.ibm.com/developerworks/library/specification/ws-fed/ (last visited: May 9, 2009)
  8. 8.
    Howlett, J., Nordh, V., Singer, W.: EduGAIN Service Definition and Policy Initial Draft, http://www.geant.net/Media_Centre/Media_Library/Media%20Library/GN3-10-081-DS3_3_1_eduGAIN_service_definition_and_policy.pdf (last visited: January 14, 2011)
  9. 9.
    Leitold, H.: Challenges of eID Interoperability: What we learn(ed) from the STORK Journey?, http://www.cs.kau.se/IFIP-summerschool/slides/herbert.pdf (last visited: January 14, 2011)
  10. 10.
    Secure Widespread Identities for Federated Telecommunications (SWIFT), http://www.ist-swift.org/ (last visited: January 21, 2011)
  11. 11.
    SEMIRAMIS project: Semiramis Website, http://www.semiramis-cip.eu/ (last visited: January 11, 2011)
  12. 12.
    Mann, R.: Payment Systems and other Financial Transactions. Aspen Publishers, Inc., New York (2006)Google Scholar
  13. 13.
    IBM International Technical Support Organization. Secure Electronic Transactions: Credit Card Payment on the Web in Theory and Practice. Redbook, IBM Corporation (June 1997)Google Scholar
  14. 14.
    PayPal Inc. The PayPal Website, https://www.paypal.com (last visited: May 19, 2009)
  15. 15.
    Nokia Corporation, SUN Microsystems. Deploying Mobile Web Services using Liberty Alliance’s Identity Web Services Framework (ID-WSF). White Paper.Google Scholar
  16. 16.
    Fulup Ar Foll. Liberty Alliance - From Usecases to Specifications. Sun Microsystems.Google Scholar
  17. 17.
    Jennings, C., Jun, G.: Payment for Services in Session Initiation Protocol (SIP) 2007, http://www.ietf.org/ID.html (last visited: May 19, 2007),
  18. 18.
    Ragouzis, N., et al.: Security Assertion Markup Language (SAML) V2.0 Technical Overview (October 2006), http://www.oasis-open.org/committees/download.php/14361/sstc-saml-tech-overview-2.0-draft-08.pdf (last visited: May 19, 2009)
  19. 19.
    Cantor, S.: at al. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) V2.0 (2005), http://docs.oasis-open.org/security/saml/v2.0/ (last visited: March 17, 2009)

Copyright information

© Springer-Verlag Berlin Heidelberg 2011

Authors and Affiliations

  • David J. Lutz
    • 1
  1. 1.Rechenzentrum Universität StuttgartStuttgartGermany

Personalised recommendations