Abstract
One disadvantage of current Federated Identity Management systems is that the establishment of the federation is based on a pre-established relying relationship between the Service Provider and the Identity Provider. The contribution of this paper is a proposal for the integration of Federated Identity Management with Automated Trust Negotiation to establish a Dynamic Federation, which makes the sharing of user information among potential business partners easier and more flexible, and provides better protection of users’ privacy at the same time. In this paper, the architecture, main information exchange protocol and prototype implementation of the Dynamic Federation Framework are described in detail.
Copyright information
© 2010 Springer-Verlag Berlin Heidelberg
About this paper
Cite this paper
Zuo, Y., Luo, X., Zeng, F. (2010). Towards a Dynamic Federation Framework Based on SAML and Automated Trust Negotiation. In: Wang, F.L., Gong, Z., Luo, X., Lei, J. (eds) Web Information Systems and Mining. WISM 2010. Lecture Notes in Computer Science, vol 6318. Springer, Berlin, Heidelberg. https://doi.org/10.1007/978-3-642-16515-3_32
DOI: https://doi.org/10.1007/978-3-642-16515-3_32
Publisher Name: Springer, Berlin, Heidelberg
Print ISBN: 978-3-642-16514-6
Online ISBN: 978-3-642-16515-3
eBook Packages: Computer Science, Computer Science (R0)