身份管理的模式语言

2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07) Pub Date : 2007-03-04 DOI:10.1109/ICCGI.2007.5

N. Delessy, E. Fernández, M. Larrondo-Petrie

{"title":"身份管理的模式语言","authors":"N. Delessy, E. Fernández, M. Larrondo-Petrie","doi":"10.1109/ICCGI.2007.5","DOIUrl":null,"url":null,"abstract":"The development of software has recently changed significantly. With the ubiquity of computing, users may need to access a wider range of applications, which may not know them in advance. Thus there is a need for dynamic trust establishment and identity exchange protocols and whatever security model is used must support these aspects. As a way to make these concepts more precise and concrete, we define architectural patterns for identity management. These patterns can then be used directly in the software development cycle, as proposed by different methodologies. The Identity Provider pattern centralizes the administration of a security domain's subjects. The circle of trust pattern represents a federation of service providers that share trust relationships. The identity federation pattern allows to federate multiple identities across multiple organizations under a common identity. This pattern relies on the SAML assertion pattern, which provides a unifying format for communicating identity information between different security domains.","PeriodicalId":102568,"journal":{"name":"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)","volume":"12 1","pages":"0"},"PeriodicalIF":0.0000,"publicationDate":"2007-03-04","publicationTypes":"Journal Article","fieldsOfStudy":null,"isOpenAccess":false,"openAccessPdf":"","citationCount":"43","resultStr":"{\"title\":\"A Pattern Language for Identity Management\",\"authors\":\"N. Delessy, E. Fernández, M. Larrondo-Petrie\",\"doi\":\"10.1109/ICCGI.2007.5\",\"DOIUrl\":null,\"url\":null,\"abstract\":\"The development of software has recently changed significantly. With the ubiquity of computing, users may need to access a wider range of applications, which may not know them in advance. Thus there is a need for dynamic trust establishment and identity exchange protocols and whatever security model is used must support these aspects. As a way to make these concepts more precise and concrete, we define architectural patterns for identity management. These patterns can then be used directly in the software development cycle, as proposed by different methodologies. The Identity Provider pattern centralizes the administration of a security domain's subjects. The circle of trust pattern represents a federation of service providers that share trust relationships. The identity federation pattern allows to federate multiple identities across multiple organizations under a common identity. This pattern relies on the SAML assertion pattern, which provides a unifying format for communicating identity information between different security domains.\",\"PeriodicalId\":102568,\"journal\":{\"name\":\"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)\",\"volume\":\"12 1\",\"pages\":\"0\"},\"PeriodicalIF\":0.0000,\"publicationDate\":\"2007-03-04\",\"publicationTypes\":\"Journal Article\",\"fieldsOfStudy\":null,\"isOpenAccess\":false,\"openAccessPdf\":\"\",\"citationCount\":\"43\",\"resultStr\":null,\"platform\":\"Semanticscholar\",\"paperid\":null,\"PeriodicalName\":\"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)\",\"FirstCategoryId\":\"1085\",\"ListUrlMain\":\"https://doi.org/10.1109/ICCGI.2007.5\",\"RegionNum\":0,\"RegionCategory\":null,\"ArticlePicture\":[],\"TitleCN\":null,\"AbstractTextCN\":null,\"PMCID\":null,\"EPubDate\":\"\",\"PubModel\":\"\",\"JCR\":\"\",\"JCRName\":\"\",\"Score\":null,\"Total\":0}","platform":"Semanticscholar","paperid":null,"PeriodicalName":"2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)","FirstCategoryId":"1085","ListUrlMain":"https://doi.org/10.1109/ICCGI.2007.5","RegionNum":0,"RegionCategory":null,"ArticlePicture":[],"TitleCN":null,"AbstractTextCN":null,"PMCID":null,"EPubDate":"","PubModel":"","JCR":"","JCRName":"","Score":null,"Total":0}

引用次数: 43

摘要

软件开发最近发生了重大变化。随着计算的普及，用户可能需要访问更广泛的应用程序，而这些应用程序可能事先不知道他们。因此，需要动态信任建立和身份交换协议，无论使用何种安全模型，都必须支持这些方面。为了使这些概念更加精确和具体，我们定义了身份管理的体系结构模式。然后，这些模式可以在软件开发周期中直接使用，正如不同的方法所建议的那样。身份提供者模式集中管理安全域的主题。信任圈模式表示共享信任关系的服务提供者联盟。身份联合模式允许在一个公共身份下跨多个组织联合多个身份。此模式依赖于SAML断言模式，该模式为在不同安全域之间通信身份信息提供了统一的格式。

本文章由计算机程序翻译，如有差异，请以英文原文为准。

查看原文本刊更多论文

A Pattern Language for Identity Management

The development of software has recently changed significantly. With the ubiquity of computing, users may need to access a wider range of applications, which may not know them in advance. Thus there is a need for dynamic trust establishment and identity exchange protocols and whatever security model is used must support these aspects. As a way to make these concepts more precise and concrete, we define architectural patterns for identity management. These patterns can then be used directly in the software development cycle, as proposed by different methodologies. The Identity Provider pattern centralizes the administration of a security domain's subjects. The circle of trust pattern represents a federation of service providers that share trust relationships. The identity federation pattern allows to federate multiple identities across multiple organizations under a common identity. This pattern relies on the SAML assertion pattern, which provides a unifying format for communicating identity information between different security domains.

求助全文

通过发布文献求助，成功后即可免费获取论文全文。去求助

来源期刊

2007 International Multi-Conference on Computing in the Global Information Technology (ICCGI'07)

自引率

0.00%

发文量