skip to main content
10.1145/1941530.1941532acmotherconferencesArticle/Chapter ViewAbstractPublication PagesiptcommConference Proceedingsconference-collections
research-article

Introducing a cross federation identity solution for converged network environments

Published: 02 August 2010 Publication History

Abstract

The Future Internet architecture, based on the integration of existing networks and services, and the addition of many new devices like sensors, face a series of important technical challenges, one of them being the management of diverse user identities. The diversity and plethora of the services and procedures affected by the unassociated existing user identities stress the necessity for a holistic solution to deal with the different aspects of the identity management problem. Existing efforts propose limited identity solutions that can only be applied within well defined boundaries and cannot extend their functionality to support converged network environments and service operations across different administrative domains. This paper presents a Dynamic Identity Mapping Association N' Discovery System (DIMANDS) as a holistic identity solution for large scale heterogeneous network environments. This solution offers cross federation identity services and is based on a universal discovery mechanism which spans across different networks, layers and federations. It is also empowered with a unified trust framework which can collect and process diverse trust information to provide trust decisions on a widely accepted format.

References

[1]
Focus Group on Identity Management, "Report on Identity Management Use Cases and Gap Analysis", ITU-T, 2008.
[2]
Liberty Alliance, Liberty ID-FF architecture overview, version 1.2, 2004--09.
[3]
http://openid.net/specs/openid-authentication-2_0/html.
[4]
http://informationcard.net/technical-information-center
[5]
http://www.eclipse.org/higgins
[6]
http://www.ist-daidalos.org
[7]
http://www.ist-swift.org
[8]
https://www.prime-project.eu
[9]
http://www.primelife.eu
[10]
https://spaces.internet2.edu/display/SHIB2/Home
[11]
http://www.athensams.net/
[12]
M. Dabrowski, P. Pacyna, "Cross-Identifier Domain Discovery Service for Unrelated User Identities", DIM Workshop, 2008
[13]
ETSI EG 284 004 v1.1.2, Universal Communications Identifier (UCI) http://ftp3.itu.ch/fgidm/Deliverables/0295-att-1.doc
[14]
http://kantarainitiative.org/
[15]
http://www.networkworld.com/newsletters/dir/2009/062209id2.html
[16]
Ion Stoica, Robert Morris, David Karger, M. Frans Kaashoek, Hari Balakrishnan, "Chord: A Scalable Peer-to-peer Lookup Service for Internet Applications", Sigcomm 2001
[17]
J. Hodges. (2009) Technical Comparison: OpenID and SAML - Draft 06. {Online}. http://identitymeme.org/doc/draft-hodges-saml-openid-compare.html
[18]
E. and Reed, D. Maler, "Options and Issues in Federated Identity Management," in IEEE Security & Privacy, 2008, pp. 16--23.
[19]
S. Boeyen, G. Ellison, N. Karhuluoma, W. MacGregor, P. Madsen, S. Sengodan, J. Linn (Ed). (2004) Trust Models Guidelines. {Online}. http://www.oasis-open.org/committees/download.php/6158/sstc-saml-trustmodels-2.0-draft-01.pdf
[20]
Florina Almenarez Mendoza, Andres Marin Lopez and Daniel Diaz Sanchez Patricia Arias Cabarcos, "Enabling SAML for Dynamic Identity Federation Management," in Wireless and Mobile Networking Conference, Gdansk, 2009.
[21]
D., Jones, M., Bufu, J., Daugherty, J. and Sakimura, N Recordon. (2009) OpenID Provider Authentication Policy Extension 1.0. {Online}. http://www.openid.net
[22]
Bertino, E., Khan, L. R., Sandhu, R., Thuraisingham, B.: Secure knowledge management: confidentiality, trust, and privacy. Systems, Man and Cybernetics, Part A, IEEE Transactions on 36 (2006)
[23]
Bhatti, R., Bertino, E., Ghafoor, A.: An integrated approach to federated identity and privilege management in open systems. Commun. ACM 50 (2007) 81{87
[24]
Takane, Y., Young, F. W., de Leeuw, J.: Nonmetric individual di®erences multidimensional scaling: an alternating least squares method with optimal scaling features. In: Psychometrika 42. (1977)
[25]
Platt, J. C.: Fast embedding of sparse music similarity. In: Advances in Neural Information Processing Systems vol. 16. (2004)
[26]
Díaz Sánchez, D., A. Marín López, F. Almenárez Mendoza, C. Campo Vázquez, and C. García-Rubio. "Context awareness in network selection for dynamic environments." Journal/Magazine: Telecommunication Systems. Vol:36. Issue: 1 (2007): Pages:49--60
[27]
Yan He and Miaoling Zhu. "A complete and efficient strategy based on petri net in automated trust negotiation". Infoscale, June 2007.
[28]
Keith Irwin and Ting Yu. "Preventing attribute information leakage in automated trust negotiation". CCS'05, 12th ACM conference on Computer and communications security, November 2005.
[29]
Jiangtao Li, Ninghui Li, and William H. Winsborough. "Automated trust negotiation using cryptographic credentials". CCS'05, 12th ACM conference on Computer and communications security, November 2005.

Cited By

View all
  • (2014)Media GatewayTelecommunications Systems10.1007/s11235-013-9783-155:2(315-330)Online publication date: 1-Feb-2014
  • (2011)Identity management directions in future internetIEEE Communications Magazine10.1109/MCOM.2011.609400949:12(74-83)Online publication date: Dec-2011
  • (2011)Cloud security assessment and identity management14th International Conference on Computer and Information Technology (ICCIT 2011)10.1109/ICCITechn.2011.6164819(387-392)Online publication date: Dec-2011

Index Terms

  1. Introducing a cross federation identity solution for converged network environments

      Recommendations

      Comments

      Information & Contributors

      Information

      Published In

      cover image ACM Other conferences
      IPTComm '10: Principles, Systems and Applications of IP Telecommunications
      August 2010
      170 pages
      ISBN:9781450306317
      DOI:10.1145/1941530
      Permission to make digital or hard copies of all or part of this work for personal or classroom use is granted without fee provided that copies are not made or distributed for profit or commercial advantage and that copies bear this notice and the full citation on the first page. Copyrights for components of this work owned by others than ACM must be honored. Abstracting with credit is permitted. To copy otherwise, or republish, to post on servers or to redistribute to lists, requires prior specific permission and/or a fee. Request permissions from [email protected]

      Sponsors

      • Technische Universitat Munchen: Technische Universitat Munchen
      • IFIP

      In-Cooperation

      Publisher

      Association for Computing Machinery

      New York, NY, United States

      Publication History

      Published: 02 August 2010

      Permissions

      Request permissions for this article.

      Check for updates

      Author Tags

      1. discovery
      2. identity management
      3. privacy
      4. trust management

      Qualifiers

      • Research-article

      Conference

      IPTComm '10
      Sponsor:
      • Technische Universitat Munchen

      Acceptance Rates

      IPTComm '10 Paper Acceptance Rate 12 of 50 submissions, 24%;
      Overall Acceptance Rate 18 of 62 submissions, 29%

      Contributors

      Other Metrics

      Bibliometrics & Citations

      Bibliometrics

      Article Metrics

      • Downloads (Last 12 months)2
      • Downloads (Last 6 weeks)0
      Reflects downloads up to 27 Jan 2025

      Other Metrics

      Citations

      Cited By

      View all
      • (2014)Media GatewayTelecommunications Systems10.1007/s11235-013-9783-155:2(315-330)Online publication date: 1-Feb-2014
      • (2011)Identity management directions in future internetIEEE Communications Magazine10.1109/MCOM.2011.609400949:12(74-83)Online publication date: Dec-2011
      • (2011)Cloud security assessment and identity management14th International Conference on Computer and Information Technology (ICCIT 2011)10.1109/ICCITechn.2011.6164819(387-392)Online publication date: Dec-2011

      View Options

      Login options

      View options

      PDF

      View or Download as a PDF file.

      PDF

      eReader

      View online with eReader.

      eReader

      Figures

      Tables

      Media

      Share

      Share

      Share this Publication link

      Share on social media