Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures

Daniela Pöhn (1), Stefan Metzger (1), Wolfgang Hommel (1)
(1) MNM-Team - Munich Network Management Team
TUM - Technical University of Munich, LMU - Ludwig-Maximilians University [Munich]
Abstract: We present the concept and design of Géant-TrustBroker, a new service to facilitate multi-tenant ICT service user authentication and authorization (AuthNZ) management in large-scale eScience infrastructures that is researched and implemented by the pan-European research and education network, Géant. Géant-TrustBroker complements eduGAIN, a successful umbrella inter-federation created on top of national higher education federations in more than 20 countries world-wide. Motivated by experiences with real-world limits of eduGAIN, Géant-TrustBroker’s primary goal is to enable a dynamic and highly scalable management of identity federations and inter-federations. Instead of eduGAIN’s federation-of-federations approach, Géant-TrustBroker enables the on-demand establishment and life-cycle management of dynamic virtual federations and achieves a high level of automation to reduce the manual workload for the participating organizations, which so far is one of the most significant obstacles for the adoption of Federated Identity Management, e.g., based on the SAML standard. We contrast Géant-TrustBroker with other state-of-the-art approaches, present its workflows and internal mode of operations and give an outlook to how eduGAIN can be used in combination with Géant-TrustBroker to solve current AuthNZ problems in international research projects and communities.
Document type: Conference paper
Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.307-320, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_25〉
Cited literature [11 references]

https://hal.inria.fr/hal-01370377
Contributor: Hal Ifip
Submitted on: Thursday, 22 September 2016 - 14:27:47
Last modified on: Thursday, 22 September 2016 - 15:10:23

File

978-3-642-55415-5_25_Chapter.p...
Files produced by the author(s)

License

Distributed under a Creative Commons Attribution 4.0 International License

Citation

Daniela Pöhn, Stefan Metzger, Wolfgang Hommel. Géant-TrustBroker: Dynamic, Scalable Management of SAML-Based Inter-federation Authentication and Authorization Infrastructures. Nora Cuppens-Boulahia; Frédéric Cuppens; Sushil Jajodia; Anas Abou El Kalam; Thierry Sans. 29th IFIP International Information Security Conference (SEC), Jun 2014, Marrakech, Morocco. Springer, IFIP Advances in Information and Communication Technology, AICT-428, pp.307-320, 2014, ICT Systems Security and Privacy Protection. 〈10.1007/978-3-642-55415-5_25〉. 〈hal-01370377〉
