|
| This Article | ||
| ||
| Share | ||
| Bibliographic References | ||
| Add to: | ||
 Digg  Furl  Spurl  Blink  Simpy  Google  Del.icio.us  Y!MyWeb | ||
| Search | ||
| ||
2010 10th IEEE/IPSJ International Symposium on Applications and the Internet
Attribute Aggregating System for Shibboleth Based Access Management Federation
Seoul, Korea
July 19-July 23
ISBN: 978-0-7695-4107-5
| ASCII Text | x | ||
| Kazutsuna Yamaji, Toshiyuki Kataoka, Motonori Nakamura, Tananun Orawiwattanakul, Noboru Sonehara, "Attribute Aggregating System for Shibboleth Based Access Management Federation," 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet, pp. 281-284, 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet, 2010. | |||
| BibTex | x | ||
| @article{ 10.1109/SAINT.2010.14, author = {Kazutsuna Yamaji and Toshiyuki Kataoka and Motonori Nakamura and Tananun Orawiwattanakul and Noboru Sonehara}, title = {Attribute Aggregating System for Shibboleth Based Access Management Federation}, journal ={2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet}, volume = {0}, year = {2010}, isbn = {978-0-7695-4107-5}, pages = {281-284}, doi = {http://doi.ieeecomputersociety.org/10.1109/SAINT.2010.14}, publisher = {IEEE Computer Society}, address = {Los Alamitos, CA, USA}, } | |||
| RefWorks Procite/RefMan/Endnote | x | ||
| TY - CONF JO - 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet TI - Attribute Aggregating System for Shibboleth Based Access Management Federation SN - 978-0-7695-4107-5 SP281 EP284 A1 - Kazutsuna Yamaji, A1 - Toshiyuki Kataoka, A1 - Motonori Nakamura, A1 - Tananun Orawiwattanakul, A1 - Noboru Sonehara, PY - 2010 KW - Shibboleth KW - Federation KW - GakuNin KW - Authentication KW - Authorization KW - Attribute KW - ID Provider KW - SAML VL - 0 JA - 2012 IEEE/IPSJ 12th International Symposium on Applications and the Internet ER - | |||
DOI Bookmark: http://doi.ieeecomputersociety.org/10.1109/SAINT.2010.14
In a federation, single sign-on (SSO) for web applications can be achieved by performing authentication at the user's home organization called identity provider (IdP) and authorization at the service provider (SP). The IdP provides the user's information to the SP though the attribute exchange and the SP assigns the authorized access level for the user according to the data in the attributes. The SP trusts the attributes sent from the trusted IdP. However, the authorized access level of the user is limited in some circumstance when the trusted IdP cannot provide enough user's information to the SP. This study develops an attribute aggregating system that integrates user's information from different IdPs which is operated by different federated domain. Currently, our developed system is implemented in the Japanese academic society federation called Informatics Square.
Index Terms:
Shibboleth, Federation, GakuNin, Authentication, Authorization, Attribute, ID Provider, SAML
Citation:
Kazutsuna Yamaji, Toshiyuki Kataoka, Motonori Nakamura, Tananun Orawiwattanakul, Noboru Sonehara, "Attribute Aggregating System for Shibboleth Based Access Management Federation," saint, pp.281-284, 2010 10th IEEE/IPSJ International Symposium on Applications and the Internet, 2010
Usage of this product signifies your acceptance of the Terms of Use.