Abstract
This paper addresses the topic of federated identity management. It discusses in detail the following topics: what is digital identity, what is identity management, what is federated identity management, Kim Cameron’s 7 Laws of Identity, how can we protect the user’s privacy in a federated environment, levels of assurance, some past and present federated identity management systems, and some current research in FIM.
This is a preview of subscription content, log in via an institution to check access.
Access this chapter
Tax calculation will be finalised at checkout
Purchases are for personal use only
Preview
Unable to display preview. Download preview PDF.
References
ITU-T. NGN identity management framework. Recommendation Y.2720
ITU-T. Baseline capabilities for enhanced global identity management trust and interoperability. Draft New Recommendation ITU-T X.1250 (X.idmreq) (February 2009)
ISO/ITU-T. The Directory: Models ISO 9594-2/ITU-T Rec. X.501 (2009)
Bob Morgan, R.L., Cantor, S., Carmody, S., Hoehn, W., Klingenstein, K.: Federated Security: The Shibboleth Approach. Educause Quarterly 27(4) (2004)
Nanda, A., Jones, M.B.: Identity Selector Interoperability Profile v1.5. Microsoft Corporation (July 2008), http://download.microsoft.com/download/1/1/a/11ac6505-e4c0-4e05-987c-6f1d31855cd2/Identity_Selector_Interoperability_Profile_V1.5.pdf
Cameron, K.: The Laws of Identity (May 2005), http://www.identityblog.com/?p=352/#lawsofiden_topic3
OASIS. SAML 2.0 profile of XACMLv2.0. OASIS standard (February 1, 2005)
OECD. Guidelines on the Protection of Privacy and Transborder Flows of Personal Data (September 23, 1980)
Liberty Alliance Project. Liberty ID-WSF Web Services Framework Overview Version: 2.0, http://www.projectliberty.org/specifications__1
OASIS. Level of Assurance Authentication Context Profiles for SAML 2.0 Working Draft 01 (July 1, 2008)
OpenID Authentication 2.0 – Final (December 5, 2007), http://openid.net/specs/openid-authentication-2_0.html
OASIS. eXtensible Access Control Markup Language (XACML) Version 2.0 OASIS Standard (February 1, 2005)
Chadwick, D., Zhao, G., Otenko, S., Laborde, R., Su, L., Nguyen, T.A.: PERMIS: a modular authorization infrastructure. Concurrency And Computation: Practice And Experience 20(11), 1341–1357 (2008)
For info about ShARPE, http://www.mams.org.au/confluence/display/SHA/ShARPE , http://www.federation.org.au/twiki/bin/view/Federation/ShARPE
Chappell, D.: Introducing Windows CardSpace. MSDN (April 2006), http://msdn.microsoft.com/en-us/library/aa480189.aspx
Gajek, S., Schwenk, J., Xuan, C.: On the Insecurity of Microsoft’s Identity Metasystem. Technical Report TR-HGI-2008-003, Ruhr-Universitat Bochum (June 2008), http://demo.nds.rub.de/cardspace/GaScXu08_CardSpaceTR.pdf
OASIS. WS-SecurityPolicy 1.2, OASIS Standard (July 1, 2007)
W3C. Web Services Addressing (WS-Addressing). W3C Member Submission (August 10, 2004)
OASIS, WS-Trust 1.3, OASIS Standard (March 19, 2007)
BEA Systems, Computer Associates, IBM, Microsoft, SAP, Sun Microsystems, and web Methods. Web Services Metadata Exchange (WS-MetadataExchange) Version 1.1 (August 2006)
Chadwick, D.W., Inman, G.: Attribute Aggregation in Federated Identity Management. IEEE Computer, 46–53 (May 2009)
Author information
Authors and Affiliations
Editor information
Editors and Affiliations
Rights and permissions
Copyright information
© 2009 Springer-Verlag Berlin Heidelberg
About this chapter
Cite this chapter
Chadwick, D.W. (2009). Federated Identity Management. In: Aldini, A., Barthe, G., Gorrieri, R. (eds) Foundations of Security Analysis and Design V. FOSAD FOSAD FOSAD 2009 2007 2008. Lecture Notes in Computer Science, vol 5705. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-03829-7_3
Download citation
DOI: https://doi.org/10.1007/978-3-642-03829-7_3
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-03828-0
Online ISBN: 978-3-642-03829-7
eBook Packages: Computer ScienceComputer Science (R0)