The Community for Technology Leaders
RSS Icon
Issue No.05 - May (2009 vol.42)
pp: 33-40
David W. Chadwick , University of Kent
George Inman , University of Kent
Most federated identity management systems are limited by users' ability to choose only one identity provider per service session. A proposed linking service lets users securely link their various identity provider (IdP) accounts, enabling the system to aggregate attributes from multiple authoritative sources automatically without requiring users to authenticate separately to each IdP.
Identity management systems, Attribute aggregation, Linking service, SAML, Liberty Alliance, CardSpace, Security & privacy
David W. Chadwick, George Inman, "Attribute Aggregation in Federated Identity Management", Computer, vol.42, no. 5, pp. 33-40, May 2009, doi:10.1109/MC.2009.143
1. R.L. Morgan et al., "Federated Security: The Shibboleth Approach," EDUCAUSE Quarterly, vol. 27, no. 4, 2004; .
2. W. Johnston, S. Mudumbai, and M. Thompson, "Authorization and Attribute Certificates for Widely Distributed Access Control," Proc. 7th Workshop Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 98), IEEE CS Press, 1998, pp. 340-345.
3. Liberty Alliance ID-FF 1.2 Specifications, Liberty Alliance Project; specificationsliberty_alliance_id_ff_1_2_specifications .
4. D. Chadwick, "Authorisation Using Attributes from Multiple Authorities," Proc. 15th IEEE Int'l Workshops Enabling Technologies: Infrastructure for Collaborative Enterprises (WETICE 06), IEEE CS Press, 2006, pp. 326-331.
5. J. Gemmill et al., "Cross-Domain Authorization for Federated Virtual Organizations Using the myVocs Collaboration Environment," Concurrency and Computation: Practice and Experience,22 July 2008; abstract.
6. N. Klingenstein, "Attribute Aggregation and Federated Identity," Proc. 2007 Int'l Symp. Applications and the Internet Workshops (SAINT-W 07), IEEE CS Press, 2007, p. 26.
7. D. Chadwick, G. Inman, and N. Klingenstein, "Authorisation Using Attributes from Multiple Authorities—A Study of Requirements," Proc. HCSIT Summit—ePortfolio Int'l Conf., 2007; .
8. W.E. Burr et al., "Electronic Authentication Guideline," special publication 800-63-1, 8 Dec. 2008, NIST; 800-63-rev1SP800-63-Rev1_Dec2008.pdf.
9. Assertions and Protocols for the OASIS Security Assertion Markup Language (SAML) v2.0, 15 Mar. 2005, OASIS; v2.0saml-core-2.0-os.pdf.
10. J. Hodges et al., eds., "Liberty ID-WSF Authentication, Single Sign-On, and Identity Mapping Services Specification," v2.0, Liberty Alliance Project; 3439/22943/fileliberty-idwsf-authn-svc-2.0-errata-v1.0.pdf .
11. C. Cahill and J. Hodges eds., "Liberty ID-WSF Discovery Service Specification," v2.0, Liberty Alliance Project; 3449/22973/fileliberty-idwsf-disco-svc-2.0-errata-v1.0.pdf .
189 ms
(Ver 2.0)

Marketing Automation Platform Marketing Automation Tool