Boursas, L., Hommel, W. (2006):

Policy-based Service Provisioning and Dynamic Trust Management in Identity Federations


In Federated Identity Management (FIM), user administration is decentralized: Service Providers (SPs) can request information about the users from their respective Identity Providers (IDPs). The subsequent processing of this data with respect to service provisioning and various privacy aspects are open research issues. We first specify how SPs can use provider-wide and service-specific XACML policies to enforce the required quality for the data delivered by the IDPs. Then, we demonstrate how aspects of trust and reputation management can improve the dynamics of Identity Federations and enhance the end users’ privacy. We also extend the identity-centric request-response model of today’s FIM protocols with group queries and demonstrate their application. Finally, we introduce our prototype and its integration into the Shibboleth FIM software.



