Privacy Preserving Identity Federation: A Literature Study

IF 28 1区计算机科学 Q1 COMPUTER SCIENCE, THEORY & METHODS

ACM Computing Surveys Pub Date : 2025-07-01 DOI:10.1145/3745018

Anne Bumiller, Elisavet Kozyri, Håvard Dagenborg

{"title":"Privacy Preserving Identity Federation: A Literature Study","authors":"Anne Bumiller, Elisavet Kozyri, Håvard Dagenborg","doi":"10.1145/3745018","DOIUrl":null,"url":null,"abstract":"Within an Identity federation (IF) system, users gain access to multiple Service Providers (SPs) by submitting credentials issued by one or more Identity Providers (IdPs). Such Identity Federations (IFs) raise several privacy concerns: IdPs might track user activity, by recording the accessed services, and SPs might mismanage sensitive user attributes that comprise the submitted credentials. An extensive line of research on Privacy Preserving IF has been developed to expose and address these privacy concerns. This survey aims to systematize the privacy requirements and enhancement techniques that has been employed so far in this line of research. Specifically, we use Systematic Mapping Study (SMS) and Systematic Literature Review (SLR) methodologies to organize research work from the last ten years and understand (i) the requirements that privacy-preserving IF is expected to satisfy, (ii) the degree at which these requirements have been formalized, (iii) the techniques employed to enforce these requirements, (iv) the means for providing enforcement assurance, and (v) the degree at which these techniques preserve fundamental authentication objectives and are aligned with existing IF standards. Based on this characterization of the literature, we draw conclusions about the rigorousness of the proposed approaches, their deployability into practice, and lessons learned for future research and practice in the field.","PeriodicalId":50926,"journal":{"name":"ACM Computing Surveys","volume":"19 1","pages":""},"PeriodicalIF":28.0000,"publicationDate":"2025-07-01","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"0","resultStr":null,"platform":"Semanticscholar","paperid":null,"PeriodicalName":"ACM Computing Surveys","FirstCategoryId":"94","ListUrlMain":"https://doi.org/10.1145/3745018","RegionNum":1,"RegionCategory":"计算机科学","ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"Q1","JCRName":"COMPUTER SCIENCE, THEORY & METHODS","Score":null,"Total":0}

引用次数: 0

Abstract

Within an Identity federation (IF) system, users gain access to multiple Service Providers (SPs) by submitting credentials issued by one or more Identity Providers (IdPs). Such Identity Federations (IFs) raise several privacy concerns: IdPs might track user activity, by recording the accessed services, and SPs might mismanage sensitive user attributes that comprise the submitted credentials. An extensive line of research on Privacy Preserving IF has been developed to expose and address these privacy concerns. This survey aims to systematize the privacy requirements and enhancement techniques that has been employed so far in this line of research. Specifically, we use Systematic Mapping Study (SMS) and Systematic Literature Review (SLR) methodologies to organize research work from the last ten years and understand (i) the requirements that privacy-preserving IF is expected to satisfy, (ii) the degree at which these requirements have been formalized, (iii) the techniques employed to enforce these requirements, (iv) the means for providing enforcement assurance, and (v) the degree at which these techniques preserve fundamental authentication objectives and are aligned with existing IF standards. Based on this characterization of the literature, we draw conclusions about the rigorousness of the proposed approaches, their deployability into practice, and lessons learned for future research and practice in the field.

查看原文本刊更多论文

隐私保护身份联盟：文献研究

在身份联合（Identity federation， IF）系统中，用户通过提交由一个或多个身份提供者（Identity provider, idp）颁发的凭证来访问多个服务提供者（Service provider, sp）。这样的身份联合（if）引起了几个隐私问题：idp可能通过记录访问的服务来跟踪用户活动，sp可能对包含提交凭据的敏感用户属性管理不当。为了揭露和解决这些隐私问题，已经开展了广泛的隐私保护IF研究。这项调查的目的是系统化的隐私要求和增强技术，已经采用了迄今为止在这方面的研究。具体而言，我们使用系统映射研究（SMS）和系统文献综述（SLR）方法来组织过去十年的研究工作，并了解(i)隐私保护IF期望满足的要求，（ii）这些要求已形式化的程度，（iii）用于执行这些要求的技术，（iv）提供执行保证的手段，(v)这些技术保持基本认证目标并与现有IF标准保持一致的程度。基于这些文献的特征，我们得出结论，提出的方法的严谨性，它们在实践中的可部署性，以及为该领域未来的研究和实践吸取的经验教训。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

求助全文

约1分钟内获得全文求助全文

来源期刊

ACM Computing Surveys 工程技术-计算机：理论方法

CiteScore

33.20

自引率

0.60%

发文量

372

审稿时长

12 months

期刊介绍： ACM Computing Surveys is an academic journal that focuses on publishing surveys and tutorials on various areas of computing research and practice. The journal aims to provide comprehensive and easily understandable articles that guide readers through the literature and help them understand topics outside their specialties. In terms of impact, CSUR has a high reputation with a 2022 Impact Factor of 16.6. It is ranked 3rd out of 111 journals in the field of Computer Science Theory & Methods. ACM Computing Surveys is indexed and abstracted in various services, including AI2 Semantic Scholar, Baidu, Clarivate/ISI: JCR, CNKI, DeepDyve, DTU, EBSCO: EDS/HOST, and IET Inspec, among others.