Dynamic Identity Federation Using Security Assertion Markup Language (SAML)

Abstract: Security Assertion Markup Language (SAML, in short) is one of the most widely used technologies to enable Identity Federation among organisations from different trust domains. Despite its several advantages, one of the key disadvantages of SAML is the mechanism by which an identity federation is established. This mechanism lacks the flexibility to create a federation in a dynamic fashion to enable service provisioning (or de-provisioning) in real time. Several different mechanisms to rectify this problem have been proposed. However, most of them require a more elaborate change at the core of SAML. In this paper we present a simple approach based on an already drafted SAML Profile which requires no change to SAML itself; rather, it depends on the implementation of SAML. It will allow users to create federations using SAML between two previously unknown organisations in a dynamic fashion. Implicit in each identity federation is the issue of trust. Therefore, we also analyse in detail the trust issues of dynamic federations. Finally, we discuss our implemented proof of concept to elaborate the practicality of our approach.
Document type: Conference paper
Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.131-146, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_13〉

Cited literature [13 references]

https://hal.inria.fr/hal-01470512
Contributor: Hal Ifip
Submitted on: Friday, 17 February 2017 - 14:50:51
Last modified on: Friday, 17 February 2017 - 15:16:29
Document(s) archived on: Thursday, 18 May 2017 - 14:41:29

File

978-3-642-37282-7_13_Chapter.p...
Files produced by the author(s)

License


Distributed under a Creative Commons Attribution 4.0 International License

Citation

Md. Ferdous, Ron Poet. Dynamic Identity Federation Using Security Assertion Markup Language (SAML). Simone Fischer-Hübner; Elisabeth Leeuw; Chris Mitchell. 3rd Policies and Research in Identity Management (IDMAN), Apr 2013, London, United Kingdom. Springer, IFIP Advances in Information and Communication Technology, AICT-396, pp.131-146, 2013, Policies and Research in Identity Management. 〈10.1007/978-3-642-37282-7_13〉. 〈hal-01470512〉

Metrics

Record views: 112

File downloads: 46