Thorsten Höllrigl, H. Kühner, J. Dinger, H. Hartenstein
{"title":"扩展信息卡系统,实现用户控制的自动身份授权","authors":"Thorsten Höllrigl, H. Kühner, J. Dinger, H. Hartenstein","doi":"10.1109/INM.2011.5990580","DOIUrl":null,"url":null,"abstract":"The growing number of IT services in distributed systems is directly related to the security and privacy of personal data. User-centric federated identity management (FIM) attends to the privacy issue by enabling users to approve each data dissemination between the providers of identity-related information, so-called identity providers (IdPs), and the consumers of this information, the service providers (SPs). Furthermore, user-centric FIM tries to improve security and usability by providing users with a consistent digital-identity experience using so-called information cards (InfoCards). The InfoCard-based approach can help to improve usability, privacy and security, however, the approach is limited to front-channel communication and requires that each data exchange is manually approved by the user. A back-channel communication might be required in scenarios, in which an IdP wants to notify SPs about e.g. a deactivation of a user. In [3] we proposed an approach, named User-Controlled Automated Identity Delegation, that allows a back-channel communication by automating user approval based on delegation. In this paper we demonstrate the practicality of the approach in a real-world scenario by providing a performance evaluation conducted on a prototypical implementation.","PeriodicalId":433520,"journal":{"name":"12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops","volume":"82 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2011-05-23","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"1","resultStr":"{\"title\":\"Extension for information card systems to achieve User-Controlled Automated Identity Delegation\",\"authors\":\"Thorsten Höllrigl, H. Kühner, J. Dinger, H. Hartenstein\",\"doi\":\"10.1109/INM.2011.5990580\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The growing number of IT services in distributed systems is directly related to the security and privacy of personal data. User-centric federated identity management (FIM) attends to the privacy issue by enabling users to approve each data dissemination between the providers of identity-related information, so-called identity providers (IdPs), and the consumers of this information, the service providers (SPs). Furthermore, user-centric FIM tries to improve security and usability by providing users with a consistent digital-identity experience using so-called information cards (InfoCards). The InfoCard-based approach can help to improve usability, privacy and security, however, the approach is limited to front-channel communication and requires that each data exchange is manually approved by the user. A back-channel communication might be required in scenarios, in which an IdP wants to notify SPs about e.g. a deactivation of a user. In [3] we proposed an approach, named User-Controlled Automated Identity Delegation, that allows a back-channel communication by automating user approval based on delegation. In this paper we demonstrate the practicality of the approach in a real-world scenario by providing a performance evaluation conducted on a prototypical implementation.\",\"PeriodicalId\":433520,\"journal\":{\"name\":\"12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops\",\"volume\":\"82 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2011-05-23\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"1\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/INM.2011.5990580\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"12th IFIP/IEEE International Symposium on Integrated Network Management (IM 2011) and Workshops","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/INM.2011.5990580","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}
Extension for information card systems to achieve User-Controlled Automated Identity Delegation
The growing number of IT services in distributed systems is directly related to the security and privacy of personal data. User-centric federated identity management (FIM) attends to the privacy issue by enabling users to approve each data dissemination between the providers of identity-related information, so-called identity providers (IdPs), and the consumers of this information, the service providers (SPs). Furthermore, user-centric FIM tries to improve security and usability by providing users with a consistent digital-identity experience using so-called information cards (InfoCards). The InfoCard-based approach can help to improve usability, privacy and security, however, the approach is limited to front-channel communication and requires that each data exchange is manually approved by the user. A back-channel communication might be required in scenarios, in which an IdP wants to notify SPs about e.g. a deactivation of a user. In [3] we proposed an approach, named User-Controlled Automated Identity Delegation, that allows a back-channel communication by automating user approval based on delegation. In this paper we demonstrate the practicality of the approach in a real-world scenario by providing a performance evaluation conducted on a prototypical implementation.
求助内容:
应助结果提醒方式:
京公网安备 11010802042870号
