Skip to main content
SpringerLink
Log in

Fedidchain: An Innovative Blockchain-Enabled Framework for Cross-Border Interoperability and Trust Management in Identity Federation Systems

  • Published:
Journal of Network and Systems Management Aims and scope Submit manuscript

Abstract

The Identity Federation has been introduced as an appropriate solution to overcome cybersecurity risks via a reliable management of users identities, while enhancing usability, security, and privacy aspects. However, the interoperability has become one of the greatest challenges facing typical Identity Federations. Simultaneously, the centralization approach of the trust management in current Identity Federations is another major concern, leading to inherent deficiencies such as a central point of failure and scalability issues. In order to better deal with such a dilemma, we present in this paper an innovative framework of Attribute Aggregation within a federated Blockchain, by overcoming the major challenges related to the interoperability requirement and trust management that could reduce the attractiveness of the Identity Federation approach. The proposed system is relied mainly on the SAML standard and Smart Contracts. The experimental results show the efficiency of Fedidchain compared to centralized models of Attribute Aggregation within Identity Federations.

This is a preview of subscription content, log in via an institution to check access.

Access this article

Log in via an institution

Price excludes VAT (USA)
Tax calculation will be finalised during checkout.

Instant access to the full article PDF.

Institutional subscriptions

Fig. 1
Fig. 2
Fig. 3
Fig. 4
Fig. 5
Fig. 6
Listing 1
Listing 2
Listing 3
Fig. 7
Fig. 8
Fig. 9

Similar content being viewed by others

Data Availability

Not applicable.

Notes

  1. https://tlsnotary.org/ [Visited on 01-02-2022].

  2. https://jmeter.apache.org/ [Visited on 03-30-2022].

References

  1. Yang, T.-M., Maxwell, T.A.: Information-sharing in public organizations: a literature review of interpersonal, intra-organizational and inter-organizational success factors. Gov. Inf. Q. 28(2), 164–175 (2011)

    Article  Google Scholar 

  2. Jensen, J.: Benefits of federated identity management-a survey from an integrated operations viewpoint. In: International Conference on Availability, Reliability, and Security, pp. 1–12. Springer (2011)

  3. Samar, V.: Single sign-on using cookies for web applications. In: Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE’99), pp. 158–163. IEEE (1999)

  4. Hu, V.C., Kuhn, D.R., Ferraiolo, D.F., Voas, J.: Attribute-based access control. Computer 48(2), 85–88 (2015)

    Article  Google Scholar 

  5. Rountree, D.: Federated Identity Primer. Newnes (2012)

  6. El Haddouti, S., Dafir Ech-Cherif EL Kettani, M.: A hybrid scheme for an interoperable identity federation system based on attribute aggregation method. Computers 8(3), 51 (2019)

  7. Haddouti, S.E., Kettani, M.D.E.-C.E.: Towards an interoperable identity management framework: a comparative study. arXiv:1902.11184 (2019)

  8. Chadwick, D.W., Inman, G., Klingenstein, N.: A conceptual model for attribute aggregation. Futur. Gener. Comput. Syst. 26(7), 1043–1052 (2010)

    Article  Google Scholar 

  9. Deng, M., De Cock, D., Preneel, B.: Towards a cross-context identity management framework in e-health. Online Information Review (2009)

  10. Diaz, C., De Decker, B., Dekeyser, H., Gevers, S., Layouni, M., Nikova, S., Preneel, B., Sun, X., Troncoso, C., Van, S., et al.: Advanced applications for e-id cards in flanders. Interfaces 20, 6–1 (2007)

    Google Scholar 

  11. García, S.S., Oliva, A.G.: Solving identity management and interoperability problems at pan-european level. In: OTM Confederated International Conferences“ On the Move to Meaningful Internet Systems”, pp. 805–809. Springer (2009)

  12. Nofer, M., Gomber, P., Hinz, O., Schiereck, D.: Blockchain. Business & Information. Syst. Eng. 59(3), 183–187 (2017)

    Google Scholar 

  13. Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The eigentrust algorithm for reputation management in p2p networks. In: Proceedings of the 12th International Conference on World Wide Web, pp. 640–651 (2003)

  14. Li, H., Singhal, M.: Trust management in distributed systems. Computer 40(2), 45–53 (2007)

    Article  Google Scholar 

  15. El Haddouti, S., El Kettani, M.D.E.-C.: A novel blockchain-based reliable model for the trust management of an identity federation system. In: Proceedings of the 33rd International Business Information Management Association (IBIMA), pp. 8342–8351 (2019)

  16. ElGayyar, M.M., ElYamany, H.F., Grolinger, K., Capretz, M.A., Mir, S.: Blockchain-based federated identity and auditing. Int. J. Blockchains Cryptocurren. 1(2), 179–205 (2020)

    Article  Google Scholar 

  17. Mohanta, B.K., Panda, S.S., Jena, D.: An overview of smart contract and use cases in blockchain technology. In: 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1–4. IEEE (2018)

  18. Bhardwaj, A., Kumar, V.: Identity management practices in cloud computing environments. Int. J. Cloud Comput. 3(2), 143–157 (2014)

    Article  Google Scholar 

  19. Hughes, J., Maler, E.: Security assertion markup language (saml) v2. 0 technical overview. OASIS SSTC Working Draft sstc-saml-tech-overview-2.0-draft-08, vol. 13 (2005)

  20. Losoff, B.: Shibboleth: a project of the internet2 middleware initiative. Collab. Librariansh. 1(1), 3 (2009)

    Article  Google Scholar 

  21. UNINETT: Simplesamlphp (2008)

  22. Pilkington, M.: Blockchain technology: principles and applications. In: Research Handbook on Digital Transformations. Edward Elgar Publishing, (2016)

  23. Beck, R., Stenum Czepluch, J., Lollike, N., Malone, S.: Blockchain–the gateway to trust-free cryptographic transactions (2016)

  24. Nofer, M., Gomber, P., Hinz, O., Schiereck, D.B.: Business & information systems engineering 59 (2017)

  25. Nakamoto, S., Bitcoin, A.: A peer-to-peer electronic cash system. Bitcoin.–URL: https://bitcoin. org/bitcoin. pdf 4 (2008)

  26. Saleh, F.: Blockchain without waste: proof-of-stake. Rev. Finan. Stud. 34(3), 1156–1190 (2021)

    Article  MathSciNet  Google Scholar 

  27. Schneider, F.B.: The state machine approach: a tutorial. Fault-tolerant distributed computing, pp. 18–41 (1990)

  28. Szabo, N.: Formalizing and securing relationships on public networks. First Monday (1997)

  29. Zheng, Z., Xie, S., Dai, H.-N., Chen, W., Chen, X., Weng, J., Imran, M.: An overview on smart contracts: challenges, advances and platforms. Futur. Gener. Comput. Syst. 105, 475–491 (2020)

    Article  Google Scholar 

  30. Buterin, V., et al.: A next-generation smart contract and decentralized application platform. white paper 3(37) (2014)

  31. Dhillon, V., Metcalf, D., Hooper, M.: The hyperledger project. In: Blockchain Enabled Applications, pp. 139–149. Springer, Berlin (2017)

  32. Cong, L.W.: Blockchain economics for investment professionals. J. Invest. 28(3), 13–20 (2019)

    Article  Google Scholar 

  33. Heiss, J., Eberhardt, J., Tai, S.: From oracles to trustworthy data on-chaining systems. In: 2019 IEEE International Conference on Blockchain (Blockchain), pp. 496–503. IEEE (2019)

  34. Tilkov, S., Vinoski, S., Node, J.S.: Using javascript to build high-performance network programs. IEEE Internet Comput. 14(6), 80–83 (2010)

    Article  Google Scholar 

  35. NIST, S.H.S.: FIPS Pub. 180-2 (2002)

  36. Shostack, A.: Experiences threat modeling at microsoft. MODSEC@ MoDELS 2008, 35 (2008)

  37. Bojanova, I., Black, P.E., Yesha, Y., Wu, Y.: The bugs framework (bf): A structured approach to express bugs. In: 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp. 175–182. IEEE (2016)

  38. Khan, R., McLaughlin, K., Laverty, D., Sezer, S.: Stride-based threat modeling for cyber-physical systems. In: 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), pp. 1–6. IEEE (2017)

  39. Levy, E.: Approaching zero. IEEE Secur. Privacy 2(4), 65–66 (2004)

    Article  Google Scholar 

  40. Karame, G.O., Androulaki, E., Roeschlin, M., Gervais, A., Čapkun, S.: Misbehavior in bitcoin: a study of double-spending and accountability. ACM Trans. Inform. Syst. Secur. (TISSEC) 18(1), 1–32 (2015)

    Article  Google Scholar 

  41. Hassan, S., De Filippi, P.: Decentralized autonomous organization. Internet Policy Rev. 10(2), 1–10 (2021)

    Article  Google Scholar 

  42. Luu, L., Chu, D.-H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269 (2016)

  43. Kalra, S., Goel, S., Dhawan, M., Sharma, S.: Zeus: analyzing safety of smart contracts. In: Ndss, pp. 1–12 (2018)

  44. Nikolić, I., Kolluri, A., Sergey, I., Saxena, P., Hobor, A.: Finding the greedy, prodigal, and suicidal contracts at scale. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 653–663 (2018)

  45. Vokerla, R.R., Shanmugam, B., Azam, S., Karim, A., De Boer, F., Jonkman, M., Faisal, F.: An overview of blockchain applications and attacks. In: 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), pp. 1–6. IEEE (2019)

  46. El Haddouti, S., El Kettani, M.D.E.-C.: Analysis of identity management systems using blockchain technology. In: 2019 International Conference on Advanced Communication Technologies and Networking (CommNet), pp. 1–7. IEEE (2019)

Download references

Funding

Not applicable.

Author information

Authors and Affiliations

  1. ENSIAS, Mohamed V University in Rabat, Rabat, Morocco

    Samia El Haddouti & Mohamed Dafir Ech-Cherif El Kettani

  2. National Center for Scientific and Technical Research (CNRST), Rabat, Morocco

    Samia El Haddouti

  3. ESTC, HASSAN II University, Casablanca, Morocco

    Abdellah Ouaguid

Authors
  1. Samia El Haddouti
    View author publications

    You can also search for this author in PubMed Google Scholar

  2. Abdellah Ouaguid
    View author publications

    You can also search for this author in PubMed Google Scholar

  3. Mohamed Dafir Ech-Cherif El Kettani
    View author publications

    You can also search for this author in PubMed Google Scholar

Contributions

Samia EL HADDOUTI: Conceptualization, Methodology, Investigation, Software and Writing Original draft. Abdellah OUAGUID: Investigation and Software. Mohamed Dafir EL KETTANI: Supervision and validation. All authors reviewed the manuscript.

Corresponding author

Correspondence to Samia El Haddouti.

Ethics declarations

Conflict of interest

The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.

Ethical Approval

Not applicable.

Additional information

Publisher's Note

Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.

Rights and permissions

Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.

Reprints and permissions

About this article

Check for updates. Verify currency and authenticity via CrossMark

Cite this article

El Haddouti, S., Ouaguid, A. & Ech-Cherif El Kettani, M.D. Fedidchain: An Innovative Blockchain-Enabled Framework for Cross-Border Interoperability and Trust Management in Identity Federation Systems. J Netw Syst Manage 31, 42 (2023). https://doi.org/10.1007/s10922-023-09731-6

Download citation

  • Received:

  • Revised:

  • Accepted:

  • Published:

  • DOI: https://doi.org/10.1007/s10922-023-09731-6

Keywords

Search

Navigation