Level of Assurance Management Automation for Dynamic Identity Federations based on Vectors of Trust
Journal:
Praxis der Informationsverarbeitung und Kommunikation (PIK)
Volume:
39
Issue:
3-4
Publisher:
De Gruyter
Year:
2017
Pages from - to:
41-50
Language:
English
Keywords:
Access Control ; Authentication Infrastructures ; Federated Identity Management ; GÉANT ; Level of Assurance ; OpenID ; Security Assertion Markup Language ; Trust Management ; Vectors of Trust
Abstract:
Accessing remote IT services through identity federations (IFs) is based on solid technical protocols such as the Security Assertion Markup Language (SAML) and OpenID Connect. However, reliable delegated user authentication and authorization also pose organizational challenges regarding the quality management of user data. Level of Assurance (LoA) concepts have been adapted and applied to IFs, but their inhomogeneous proliferation bears the risk of aggravating instead of simplifying the manual work steps. This is increased by providing IT services for multiple or dynamically set up IFs. This article presents a novel LoA management approach that has been designed for a high degree of automation, adopts the approach for the dynamic metadata exchange by GÉANT-TrustBroker and exemplifies its usage.