Abhilasha B. Spantzel and Anna C. Squicciarini and Elisa Bertino

CERIAS TR 2005-46

inproceedings

Most organizations today require the verification of personal information pertaining to users in order to provide service to users. Privacy of such information is of growing concern and because organizations often ask for similar information, this process can also be redundant and inefficient. Recent proposals dealing with federated identity management have the potential to alleviate such problems. A federation is a set of organizations that establish mutual trust with each other. This allows them to share client information whenever possible depending on their service disclosure policies and user privacy preferences. This paper addresses such problem by integrating federated identity management with trust negotiation techniques. We focus on a trust negotiation approach suitable for federated environments. Our federated trust negotiation approach relies on the use of special-purpose tickets, that is, signed assertions that are released by the federation members to users upon successful negotiations. The main advantage of such integration is that if a user has already successfully negotiated with a member of the federation, subsequent negotiations with other federation members may require a reduced number of interactions between the client and the service provider.

PDF

2005

review IEEE Security and Privacy Magazine

Federated Idenity Management

Purdue University

CERIAS

2005-01-01

Federated identity management , trust negotiation, access control, security and privacy

A hard-copy of this is in REC 216

Federated Identity Management and Trust Negotiation