A Hybrid Scheme for an Interoperable Identity Federation System Based on Attribute Aggregation Method

Computers, 2019, Vol 8 (3), pp. 51
Author(s): Samia EL Haddouti, Mohamed Dafir Ech-Cherif EL Kettani

Several countries have invested in building their identity management systems to equip citizens with infrastructures and tools to benefit from e-services. However, current systems still lack the interoperability requirement, which is the core issue that could lower the wide benefits of having an identity management system. In fact, in the existing systems, the user is allowed to choose only one partial identity from an identity provider (IdP) during a single session with a service provider (SP). However, in some scenarios, an SP needs to retrieve information about user’s identities managed by multiple IdPs. The potential method to tackle these shortcomings is attribute aggregation from multiple identity providers. A number of initiatives and projects on attribute aggregation have been explored. Nevertheless, these constructions do not fulfill some identity management requirements. This paper describes a new flexible model that aims to provide the necessary mechanisms to ensure attribute aggregation in order to meet the interoperability challenges of current identity management systems. The proposed scheme is a scalable solution, based on identity federation technologies, that introduces a new IdP called an account linking provider (ALP). The purpose of this ALP is to link together different accounts, holding end users’ attributes, whenever more than one source of data is needed to grant access to the requested web resource in a single session. Furthermore, the proposed identity federation system is based on a streamlined, cost-effective, and interoperable architecture, which makes this model suitable for large-scale identity federation environments.

Author(s): Reema Bhatt, Manish Gupta, Raj Sharman

Identity management is the administration of an individual's access rights and privileges in the form of authentication and authorization within or across systems and organizations. An Identity Management system (IdM) helps manage an individual's credentials through the establishment, maintenance, and eventual destruction of their digital identity. Numerous products, applications, and platforms exist to address the privacy requirements of individuals and organizations. This chapter highlights the importance of IdM systems in the highly vulnerable security scenario that we live in. It defines and elaborates on the attributes and requirements of an effective identity management system. The chapter helps in establishing an understanding of frameworks that IdM systems follow while helping the reader contrast between different IdM architecture models. The latter part of this chapter elaborates on some of today's most popular IdM solutions.


2018, Vol 11 (3), pp. 102
Author(s): Hasnae L’Amrani, Younès EL Bouzekri EL Idrissi, Rachida Ajhoun

The identity management domain is a huge research domain. Federated systems have proved their legibility to solve several digital identity issues. However, the problem of interoperability between federations is the researchers’ first issue. The researchers’ final goal is creating a federation of federations, which is a large meta-system composed of several different federation systems. The previous researchers’ technical interoperability approach solved a part of the above-mentioned issue. However, there are some other problems in the communication process between federated systems. In this work, the researchers target semantic interoperability as a solution to solve the attribute exchange issue among heterogeneous federated systems, because there is a significant need to manage the users’ attributes coming from different federations. Therefore, the researchers proposed a semantic layer to enhance the previous technical approach with the aim of guaranteeing the exchange of attributes that have the same semantic signification but a different representation, all based on a mapping and matching between different ontologies. This approach will be applied to the academic domain as the researchers’ application domain.

