Boursas, L., Hommel, W. (2006):
Policy-based Service Provisioning and Dynamic Trust Management in Identity Federations
In Federated Identity Management (FIM), user
administration is decentralized: Service Providers (SPs) can
request information about the users from their respective Identity
Providers (IDPs). The subsequent processing of this data with
respect to service provisioning and various privacy aspects are
open research issues. We first specify how SPs can use provider-wide
and service-specific XACML policies to enforce the required
quality for the data delivered by the IDPs. Then, we demonstrate
how aspects of trust and reputation management can improve the
dynamics of Identity Federations and enhance the end users’ privacy.
We also extend the identity-centric request-response model
of today’s FIM protocols by group queries and demonstrate
their application. Finally, we introduce our prototype and its
integration into the Shibboleth FIM software.