Ferdous, M.S. and Poet, R. (2013) Dynamic identity federation using security assertion markup language (SAML). In: IFIP IDMAN 2013: Policies and Research in Identity Management, London, UK, 8-9 Apr 2013,
Full text not currently available from Enlighten.
Publisher's URL: http://www.idman2013.com/index.html
Abstract
Security Assertion Markup Language (SAML, in short) is one of the most widely used technologies to enable Identity F ederation among organisations from different trust domains. Despite its several advantages, one of the key disadvantages of SAML is the mechanism by which an identity federation is established. This mechanism lacks flexibility to create a federation in a dynamic fashion to enable service provisioning (or de-provisioning) in real time. Several different mecha-nisms to rectify this problem have been proposed. However, most of them require a more elaborate change at the core of the SAML. In this pa-per we present a simple approach based on an already drafted SAML Profile which requires no change of the SAML, rather it depends on the implementation of SAML. It will allow users to create federations using SAML between two prior unknown organisations in a dynamic fashion. Implicit in each identity federation is the issue of trust. Therefore, we also analyse in detail the trust issues of dynamic federations. Finally, we discuss our implemented proof of concept to elaborate the practicality of our approach.
Item Type: | Conference Proceedings |
---|---|
Status: | Published |
Refereed: | Yes |
Glasgow Author(s) Enlighten ID: | Poet, Dr Ron |
Authors: | Ferdous, M.S., and Poet, R. |
Subjects: | Q Science > QA Mathematics > QA75 Electronic computers. Computer science |
College/School: | College of Science and Engineering > School of Computing Science |
University Staff: Request a correction | Enlighten Editors: Update this record