Abstract
The Identity Federation has been introduced as an appropriate solution to overcome cybersecurity risks via a reliable management of users identities, while enhancing usability, security, and privacy aspects. However, the interoperability has become one of the greatest challenges facing typical Identity Federations. Simultaneously, the centralization approach of the trust management in current Identity Federations is another major concern, leading to inherent deficiencies such as a central point of failure and scalability issues. In order to better deal with such a dilemma, we present in this paper an innovative framework of Attribute Aggregation within a federated Blockchain, by overcoming the major challenges related to the interoperability requirement and trust management that could reduce the attractiveness of the Identity Federation approach. The proposed system is relied mainly on the SAML standard and Smart Contracts. The experimental results show the efficiency of Fedidchain compared to centralized models of Attribute Aggregation within Identity Federations.
Similar content being viewed by others
Data Availability
Not applicable.
Notes
https://tlsnotary.org/ [Visited on 01-02-2022].
https://jmeter.apache.org/ [Visited on 03-30-2022].
References
Yang, T.-M., Maxwell, T.A.: Information-sharing in public organizations: a literature review of interpersonal, intra-organizational and inter-organizational success factors. Gov. Inf. Q. 28(2), 164–175 (2011)
Jensen, J.: Benefits of federated identity management-a survey from an integrated operations viewpoint. In: International Conference on Availability, Reliability, and Security, pp. 1–12. Springer (2011)
Samar, V.: Single sign-on using cookies for web applications. In: Proceedings. IEEE 8th International Workshops on Enabling Technologies: Infrastructure for Collaborative Enterprises (WET ICE’99), pp. 158–163. IEEE (1999)
Hu, V.C., Kuhn, D.R., Ferraiolo, D.F., Voas, J.: Attribute-based access control. Computer 48(2), 85–88 (2015)
Rountree, D.: Federated Identity Primer. Newnes (2012)
El Haddouti, S., Dafir Ech-Cherif EL Kettani, M.: A hybrid scheme for an interoperable identity federation system based on attribute aggregation method. Computers 8(3), 51 (2019)
Haddouti, S.E., Kettani, M.D.E.-C.E.: Towards an interoperable identity management framework: a comparative study. arXiv:1902.11184 (2019)
Chadwick, D.W., Inman, G., Klingenstein, N.: A conceptual model for attribute aggregation. Futur. Gener. Comput. Syst. 26(7), 1043–1052 (2010)
Deng, M., De Cock, D., Preneel, B.: Towards a cross-context identity management framework in e-health. Online Information Review (2009)
Diaz, C., De Decker, B., Dekeyser, H., Gevers, S., Layouni, M., Nikova, S., Preneel, B., Sun, X., Troncoso, C., Van, S., et al.: Advanced applications for e-id cards in flanders. Interfaces 20, 6–1 (2007)
García, S.S., Oliva, A.G.: Solving identity management and interoperability problems at pan-european level. In: OTM Confederated International Conferences“ On the Move to Meaningful Internet Systems”, pp. 805–809. Springer (2009)
Nofer, M., Gomber, P., Hinz, O., Schiereck, D.: Blockchain. Business & Information. Syst. Eng. 59(3), 183–187 (2017)
Kamvar, S.D., Schlosser, M.T., Garcia-Molina, H.: The eigentrust algorithm for reputation management in p2p networks. In: Proceedings of the 12th International Conference on World Wide Web, pp. 640–651 (2003)
Li, H., Singhal, M.: Trust management in distributed systems. Computer 40(2), 45–53 (2007)
El Haddouti, S., El Kettani, M.D.E.-C.: A novel blockchain-based reliable model for the trust management of an identity federation system. In: Proceedings of the 33rd International Business Information Management Association (IBIMA), pp. 8342–8351 (2019)
ElGayyar, M.M., ElYamany, H.F., Grolinger, K., Capretz, M.A., Mir, S.: Blockchain-based federated identity and auditing. Int. J. Blockchains Cryptocurren. 1(2), 179–205 (2020)
Mohanta, B.K., Panda, S.S., Jena, D.: An overview of smart contract and use cases in blockchain technology. In: 2018 9th International Conference on Computing, Communication and Networking Technologies (ICCCNT), pp. 1–4. IEEE (2018)
Bhardwaj, A., Kumar, V.: Identity management practices in cloud computing environments. Int. J. Cloud Comput. 3(2), 143–157 (2014)
Hughes, J., Maler, E.: Security assertion markup language (saml) v2. 0 technical overview. OASIS SSTC Working Draft sstc-saml-tech-overview-2.0-draft-08, vol. 13 (2005)
Losoff, B.: Shibboleth: a project of the internet2 middleware initiative. Collab. Librariansh. 1(1), 3 (2009)
UNINETT: Simplesamlphp (2008)
Pilkington, M.: Blockchain technology: principles and applications. In: Research Handbook on Digital Transformations. Edward Elgar Publishing, (2016)
Beck, R., Stenum Czepluch, J., Lollike, N., Malone, S.: Blockchain–the gateway to trust-free cryptographic transactions (2016)
Nofer, M., Gomber, P., Hinz, O., Schiereck, D.B.: Business & information systems engineering 59 (2017)
Nakamoto, S., Bitcoin, A.: A peer-to-peer electronic cash system. Bitcoin.–URL: https://bitcoin. org/bitcoin. pdf 4 (2008)
Saleh, F.: Blockchain without waste: proof-of-stake. Rev. Finan. Stud. 34(3), 1156–1190 (2021)
Schneider, F.B.: The state machine approach: a tutorial. Fault-tolerant distributed computing, pp. 18–41 (1990)
Szabo, N.: Formalizing and securing relationships on public networks. First Monday (1997)
Zheng, Z., Xie, S., Dai, H.-N., Chen, W., Chen, X., Weng, J., Imran, M.: An overview on smart contracts: challenges, advances and platforms. Futur. Gener. Comput. Syst. 105, 475–491 (2020)
Buterin, V., et al.: A next-generation smart contract and decentralized application platform. white paper 3(37) (2014)
Dhillon, V., Metcalf, D., Hooper, M.: The hyperledger project. In: Blockchain Enabled Applications, pp. 139–149. Springer, Berlin (2017)
Cong, L.W.: Blockchain economics for investment professionals. J. Invest. 28(3), 13–20 (2019)
Heiss, J., Eberhardt, J., Tai, S.: From oracles to trustworthy data on-chaining systems. In: 2019 IEEE International Conference on Blockchain (Blockchain), pp. 496–503. IEEE (2019)
Tilkov, S., Vinoski, S., Node, J.S.: Using javascript to build high-performance network programs. IEEE Internet Comput. 14(6), 80–83 (2010)
NIST, S.H.S.: FIPS Pub. 180-2 (2002)
Shostack, A.: Experiences threat modeling at microsoft. MODSEC@ MoDELS 2008, 35 (2008)
Bojanova, I., Black, P.E., Yesha, Y., Wu, Y.: The bugs framework (bf): A structured approach to express bugs. In: 2016 IEEE International Conference on Software Quality, Reliability and Security (QRS), pp. 175–182. IEEE (2016)
Khan, R., McLaughlin, K., Laverty, D., Sezer, S.: Stride-based threat modeling for cyber-physical systems. In: 2017 IEEE PES Innovative Smart Grid Technologies Conference Europe (ISGT-Europe), pp. 1–6. IEEE (2017)
Levy, E.: Approaching zero. IEEE Secur. Privacy 2(4), 65–66 (2004)
Karame, G.O., Androulaki, E., Roeschlin, M., Gervais, A., Čapkun, S.: Misbehavior in bitcoin: a study of double-spending and accountability. ACM Trans. Inform. Syst. Secur. (TISSEC) 18(1), 1–32 (2015)
Hassan, S., De Filippi, P.: Decentralized autonomous organization. Internet Policy Rev. 10(2), 1–10 (2021)
Luu, L., Chu, D.-H., Olickel, H., Saxena, P., Hobor, A.: Making smart contracts smarter. In: Proceedings of the 2016 ACM SIGSAC Conference on Computer and Communications Security, pp. 254–269 (2016)
Kalra, S., Goel, S., Dhawan, M., Sharma, S.: Zeus: analyzing safety of smart contracts. In: Ndss, pp. 1–12 (2018)
Nikolić, I., Kolluri, A., Sergey, I., Saxena, P., Hobor, A.: Finding the greedy, prodigal, and suicidal contracts at scale. In: Proceedings of the 34th Annual Computer Security Applications Conference, pp. 653–663 (2018)
Vokerla, R.R., Shanmugam, B., Azam, S., Karim, A., De Boer, F., Jonkman, M., Faisal, F.: An overview of blockchain applications and attacks. In: 2019 International Conference on Vision Towards Emerging Trends in Communication and Networking (ViTECoN), pp. 1–6. IEEE (2019)
El Haddouti, S., El Kettani, M.D.E.-C.: Analysis of identity management systems using blockchain technology. In: 2019 International Conference on Advanced Communication Technologies and Networking (CommNet), pp. 1–7. IEEE (2019)
Funding
Not applicable.
Author information
Authors and Affiliations
Contributions
Samia EL HADDOUTI: Conceptualization, Methodology, Investigation, Software and Writing Original draft. Abdellah OUAGUID: Investigation and Software. Mohamed Dafir EL KETTANI: Supervision and validation. All authors reviewed the manuscript.
Corresponding author
Ethics declarations
Conflict of interest
The authors declare that they have no known competing financial interests or personal relationships that could have appeared to influence the work reported in this paper.
Ethical Approval
Not applicable.
Additional information
Publisher's Note
Springer Nature remains neutral with regard to jurisdictional claims in published maps and institutional affiliations.
Rights and permissions
Springer Nature or its licensor (e.g. a society or other partner) holds exclusive rights to this article under a publishing agreement with the author(s) or other rightsholder(s); author self-archiving of the accepted manuscript version of this article is solely governed by the terms of such publishing agreement and applicable law.
About this article
Cite this article
El Haddouti, S., Ouaguid, A. & Ech-Cherif El Kettani, M.D. Fedidchain: An Innovative Blockchain-Enabled Framework for Cross-Border Interoperability and Trust Management in Identity Federation Systems. J Netw Syst Manage 31, 42 (2023). https://doi.org/10.1007/s10922-023-09731-6
Received:
Revised:
Accepted:
Published:
DOI: https://doi.org/10.1007/s10922-023-09731-6